I'm trying to create an Emails dashboard using the built in Metrics tag where the email information is being pulled from on Oracle Database. The query is below:
SELECT
id
, status
, first_requested_date
, first_sent_date
FROM [transmissions]
WHERE status != 'SENT'
In Kibana when we view the output the numbers all seem dramatically big, recording like 30 million outbound emails when realistically there is no where near this amount. I think its because logstash is struggling to establish a timestamp link to the database timestamp columns but can't find any documentation on how to do this!
Here is the filter that it is using:
filter {
if [type] == "jdbc" {
if [index_name] == "email_status" {
if [db_sid] == "XXX" {
metrics {
meter => [ "eml_%{status}" ]
add_tag => "metric"
add_field => {
"index_name" => "email_status"
"type" => "jdbc"
"db_sid" => "XXX"
}
}
}
}
}
}
TL:DR - How do I align database datetime column to logstash's timestamp?
Any Help would be much appreciated,
Many Thanks,
Tyler