Am using logstash to parse an input logfile and subsequently sends data to elasticsearch. I would like to capture the creation date/timestamp of the input logfile as a field on the event. How best to go about this? Fyi, i've very new to using logstash. Thnx
As far as I know that is not possible.
1 Like
You should use ruby, a similar sample is here
2 Likes
very nice, thankyou @Rios
1 Like
In general, you have OOB filter plugins, if they support your requirements like data parsing(for instance grok or csv) you can in it used it. For any other things, there is ruby plugin which opens a new world of endless possibilities.
So, Christian is correct, it's not possible by default-there is no plugin or property, but with ruby it's not so complex.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.