How to compare date in Logstash?

RohanKumbhar · October 15, 2015, 9:00am

Hi All,

There is one requirement where i need to compare log date with some constant date. and then perform indexing in ES.

is there any way where i can compare two dates in logstash?

Thanks,
Rohan

magnusbaeck · October 15, 2015, 9:07am

You can use the date filter to create a field with an ISO8601 date, and that date can be compared to another ISO8601 in a conditional.

OrangeDog · May 5, 2017, 4:00pm

But what's the syntax for that? Things like this give "undefined method `time'" exceptions.

if [@timestamp] > "2017-01-01T00:00:00Z"

seth.yes · May 5, 2017, 5:01pm

There's a Date plugin for logstash you can use where you give it the syntax to expect for the time.

Topic		Replies	Views
How to compare dates without timestamp Logstash	10	2597	March 29, 2019
Compare Dates in Logstash Pipeline Logstash	5	2547	October 21, 2020
Logstash date filter not working Logstash	1	288	March 21, 2019
Logstash datetime filter if else Logstash	8	1831	December 21, 2020
Date can not parse date formated field Logstash	4	2341	November 22, 2017