Logstash convert existing timestamp format in message

Groove · December 15, 2022, 1:10pm

Hello,

I have 2 different application logs.

OUTPUT:

<135>1 2022-12-12T16:28:02Z HOSTNAME EvntSLog - - - Le service Service de licences de client (ClipSVC) est entré dans l’état : arrêté.

<134>Dec 12 16:28:02 HOSTNAME CEF:0|Trend Micro|Deep Security Manager|20.0.703|602|User Timed Out|

Here, both timestamp is different and I want to convert both timestamp format to standard timestamp format which would be "dd-mm-yyyy-HH-MM-SS".

My filter setting is

grok {
      match => { "message" => "%{TIMESTAMP_ISO8601:timestamp}" }
    }
    date {
        match => ["timestamp", "yyyy-mm-dd HH:mm:ss,SSS", "yyyy-mm-dd HH:mm:ss a"]
    }

Thanks in advance.

system · January 12, 2023, 1:11pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to special date time format to timestamp format Logstash	7	245	January 2, 2023
Extract datatime in log and convert in datatime field? Logstash	3	143	November 16, 2022
Logstash timestamp format Logstash	4	131	May 23, 2024
Datestamp to timestamp Logstash	3	502	August 13, 2020
Logstash grok timestamp from message: issue with multiple timestamp format Logstash	2	4975	July 6, 2017

Logstash convert existing timestamp format in message

Related topics