Integrate formated date to elasticsearch

Sylfaen · June 1, 2017, 8:37am

Hey

I'm trying to integrate date format like "Fri Jan 02 17:34:45 CET 2017" but logstash send me error message with malformated date at "CET 2017"

I used the response from here but

"exDate": {
"type": "date",
"format": "E MMM d H:m:s z Y"
},

isn't working. Is there a specific thing with CET ? How can I map my date ?

Thanks!

Sylfaen · June 2, 2017, 8:41am

Resolved by removing CET from the field and matching date with timezone :

if ([expDt]) {
    mutate {
      gsub => ["[expDt]", "CET", ""]
    }
    date {
      match => ["[expDt]", "E MMM d H:m:s  Y"]
      timezone => "CET"
      target => "[expDt]"
    }
  }

Topic		Replies	Views
Date format Elasticsearch	4	2631	July 6, 2017
Accepted Date datatype for a field Elasticsearch	5	419	August 1, 2019
Impossible format date Logstash	14	471	March 4, 2019
Parsing a date and timestamp to default Elasticsearch Logstash	3	580	January 10, 2022
Formatting date format in ES index template Elasticsearch	1	644	April 22, 2020

Integrate formated date to elasticsearch

Related topics