Hi All,
There is one requirement where i need to compare log date with some constant date. and then perform indexing in ES.
is there any way where i can compare two dates in logstash?
Thanks,
Rohan
You can use the date filter to create a field with an ISO8601 date, and that date can be compared to another ISO8601 in a conditional.
But what's the syntax for that? Things like this give "undefined method `time'" exceptions.
if [@timestamp] > "2017-01-01T00:00:00Z"
1 Like
There's a Date plugin for logstash you can use where you give it the syntax to expect for the time.
https://www.elastic.co/guide/en/logstash/current/plugins-filters-date.html