Logstah date help

pierre · December 20, 2016, 2:22pm

my log : 22-11-2016 23:32:01;703

my filter :

filter {
grok {
break_on_match => "false"
match => {
"message" => '%{DATA}%{DATE_EU:Date} %{TIME:Time};%{NUMBER:Nombre:float}%{DATA}'
}
add_field => {
"timestamp" => "%{Date} %{Time}"
}
}

date {
match => [ "timestamp", "dd-MM-YYYY HH:mm:ss" ]
}
}
you can see :

"@timestamp": "2016-11-22T22:32:01.000Z",
"tags": [],
"timestamp": "22-11-2016 23:32:01"
},

in my index patterns i have : @timestamp , type = date so i can chose this Time-field

me seconde timestamp add by add_field but in my index patterns i have timestamp.keyword , type = sting so i can't use this timestamp , i can't chose this timestamp in my Time-field

i want compare the number with the time

Topic		Replies	Views
Help with Date Logstash	6	620	December 16, 2016
Simple Grok and Date filter problem Logstash	5	2161	March 18, 2019
Date filter issues Logstash	3	499	July 6, 2017
Converting string to date Logstash	8	51149	July 6, 2017
Date formatting issue Logstash	2	444	July 6, 2017

Logstah date help

Related topics