Logstash cannot assign correct date to log timestamp

John_06 · June 13, 2017, 7:04pm

Is this correct config:

filter {
    grok {
      match => {"message" => "(?<logTime>[0-9]{2}:[0-9]{2}:[0-9]{2},[0-9]{3}) "}
    }
    ruby {
      code => "event['logTimestamp'] = Time.now.strftime('%Y-%m-%d') + ' ' + event['logTime']"
    }
    date {
      match => ["logTimestamp", "YYYY-MM-dd HH:mm:ss,SSS"]
      timezone => "..."
    }
}

I replaced mutate filter with ruby one to get the current date of the log.

Topic		Replies	Views
Unable to replace @timestamp with some other field in logstash Logstash	6	2309	September 19, 2017
Timestamp question Logstash	3	569	July 6, 2017
Timezone with logstash Logstash	7	8334	December 8, 2016
How can I change the @timestamp match my timestamp? Logstash	3	735	July 6, 2017
Timezone for date filter seems not working Logstash	2	2420	July 6, 2017

Logstash cannot assign correct date to log timestamp

Related Topics