Would like to get advise from all expert. Currently I`m working on a project. But having issue on @Timestamp that generated by Kibana is event_timestamp which expected the timestamp grab from log which example as below
210113.142508.132 : db:
210113.142508.132 : db:[root]
Is there a way to replace @Timestamp based on log`s DATE/TIME?
Did you look into ingest node pipeline configuration? You can orchestrate Elasticsearch on how should it parse your logs.
But the structure I used is as picture displayed which thru Logstash. Ingest node pipeline config is not an ideal solution right? Or should I just do the filtering via Logstash config?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
