Logstash cannot assign correct date to log timestamp

John_06 · June 13, 2017, 7:04pm

Is this correct config:

filter {
    grok {
      match => {"message" => "(?<logTime>[0-9]{2}:[0-9]{2}:[0-9]{2},[0-9]{3}) "}
    }
    ruby {
      code => "event['logTimestamp'] = Time.now.strftime('%Y-%m-%d') + ' ' + event['logTime']"
    }
    date {
      match => ["logTimestamp", "YYYY-MM-dd HH:mm:ss,SSS"]
      timezone => "..."
    }
}

I replaced mutate filter with ruby one to get the current date of the log.

Topic		Replies	Views
Unable to replace @timestamp with some other field in logstash Logstash	6	2311	September 19, 2017
Date Custom Field Timezone Logstash	7	4451	December 20, 2017
Timestamp question Logstash	3	569	July 6, 2017
Timezone with logstash Logstash	7	8341	December 8, 2016
Problem in Parsing date Logstash	2	297	April 13, 2018

Logstash cannot assign correct date to log timestamp

Related topics