How to retain the time zone and nanoseconds in timestamp when migrating es through logstash

Rios · September 30, 2024, 10:33am

This was explained here.

Credits to Badger

Here is a sample:

input {
 generator { 
        # message =>   [ "2024-08-12T09:40:31.098Z" ]
        message =>   [ "2024-08-12T17:40:31.098422413+08:00" ]
        count => 1
 }
}
output {
 stdout {codec => rubydebug}
}
filter {

date {
    match => [ "message",  "yyyy-MM-dd'T'HH:mm:ss.SSSSSSSSSZ"] # "ISO8601"
    timezone => "Asia/Shanghai"
    target => "@timestamp"
  }
  ruby {
    code => "event.set('[longformat]', LogStash::Timestamp.new(event.get('[message]')) )"
  }
     mutate {  remove_field => ["@version", "event", "host"] }
}

Output:

{
       "message" => "2024-08-12T17:40:31.098422413+08:00",
    "@timestamp" => 2024-08-12T09:40:31.098Z,
    "longformat" => 2024-08-12T09:40:31.098422413Z
}

Topic		Replies	Views
How can I change the @timestamp match my timestamp? Logstash	3	735	July 6, 2017
Convert Timestamp to UTC+0 and keep microseconds Logstash	12	3684	October 19, 2017
Convert NanoSecond Unix timestamp Logstash	9	1147	February 28, 2023
How can I convert @timestamp from logstash to encoded format as YYYY-MM-DDThh:mm:ss.sss+/-hh:mm Logstash	12	545	November 25, 2022
Change logstash default @timestamp format Logstash	3	441	February 8, 2023

How to retain the time zone and nanoseconds in timestamp when migrating es through logstash

Related Topics