How to convert strings to time format

Stephenson · November 12, 2020, 11:01pm

Hello everyone,
Since a few months, I started working with logstash to small programs like reading a log.
I have some trouble understanding the development.
I have this line of log.

08:19:1915 , Error trae_1dato

I need insert to database on SQL Server, a table with the next columns:
Hour - type time
message - type text

The problem is when I send the information to SQL Server from logstash, because the time is string.

I tried using grok like TIME, SECOND, TIMESTAMP_ISO8601 instead GREEYDATA, use GREEYDATA because at the beginning only used it to send to email.

filter {
	if [message] =~ "Error" {
		grok {
			match => {"message" => ["%{GREEDYDATA:Hour} , %{GREEDYDATA:message}"]}
		}
	} else if [message] =~ "error" {
		grok {
			match => {"message" => ["%{GREEDYDATA:Hour} , %{GREEDYDATA:message}"]}
		}
	} else {
		drop {}
	}
}

system · December 10, 2020, 11:01pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.