Logstash date filter

Kyle_Hanson · September 22, 2016, 11:52am

If I have this value in my data: Dec 29 14:20:41 2005

Can you give me conf settings I'd need to have it get used as the @timestamp? I've tried many combinations and no luck getting the date filter to work for this format.

Much appreciated,
Kyle

magnusbaeck · September 22, 2016, 12:05pm

Your format is nearly identical with what's typically in syslog messages. This example should help: https://www.elastic.co/guide/en/logstash/current/config-examples.html#_processing_syslog_messages

Kyle_Hanson · September 22, 2016, 12:23pm

I'll give it a try hopefully today and let you know, thanks.

Kyle_Hanson · September 23, 2016, 1:02pm

that seemed to help, braces vs brackets on the match line appeared to be issue even though the match line was breaking out the data into the fields.

Topic		Replies	Views
Date filter issues Logstash	3	485	July 6, 2017
Dealing with string date Logstash	5	262	March 25, 2020
Logstash config date filter - what am I doing wrong? Logstash docker	15	551	October 19, 2020
Logstash Date Filter not working on Kibana Logstash	10	882	September 18, 2020
Date Filter Logstash Logstash	5	351	June 9, 2020

Logstash date filter

Related topics