How to convert String timestamp to actual timestamp?

gaurav1424 · January 22, 2016, 10:31pm

Hello All,

I have such kind of syslog events :
Jan 22 14:24:23 mike.local DDP_Agent[83]: Complete - state change from encrypted_state to encrypted_state, commandState = encrypt_commandedState

Once I parse using syslog , I get syslog_timestamp as
"syslog_timestamp" => "Jan 22 14:11:23"

which is a string. How do I convert into timestamp so that I can put this into elastic search and have queries based on timestamp.

Thanks
Gaurav

magnusbaeck · January 23, 2016, 4:35pm

Please don't start many threads about the same problem. The answer is still that you should use the date filter, which you've successfully done.

warkolm · January 24, 2016, 3:44am

See Conver String to date (or replace @timestamp) (SOLVED)