Discuss the Elastic Stack

How to overwrite the @timestamp with the value in the log?

Elastic Stack Beats

prateedshetty (Prateeksha Shetty) July 3, 2018, 4:48pm 1

There is NO logstash in the picture. We are using filebeat to directly push logs to Kibana.

ruflin (ruflin) July 4, 2018, 7:46am 2

I think you are looking for the ingest node feature in Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/6.3/ingest.html

prateedshetty (Prateeksha Shetty) July 4, 2018, 9:35am 3

I'm very new to ELK and I don't understand how ingest node can be used here. Can you please elaborate?

ruflin (ruflin) July 4, 2018, 10:16am 4

I assume most likely you are looking for the grok processor: https://www.elastic.co/guide/en/elasticsearch/reference/6.3/grok-processor.html

system (system) Closed August 1, 2018, 10:16am 5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

© 2020. All Rights Reserved - Elasticsearch

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.