Logstash parsing date into JSON

Frederic_Gaerel · December 10, 2018, 5:06pm

Hi. this problem seems solved for some but I still have it....

Sample data in log file :
{"TIMESTAMP":"2018-12-10 11:28:20.753","USER":"username (AIX)","ACTION":"SEARCH_SITE","CALLING_METHOD":"postRechercheSites","FILTRE":"{organisation=ALL, code_depot=, code_tracking=, activite_rattachement=ALL, code_activite=AGE, trigramme=, statut=ACT, code_postal=, critere_date=ALL, date=}"}

My conf file :
input {
file {
path => "/etc/logstash/log/RefTechnical.log"
start_position => "beginning"
}
}

filter {
json {
source => "message"
}
date {
match => [ "[message][TIMESTAMP]" , "yyyy-MM-dd HH:mm:ss.SSS" ]
}
date {
match => [ "TIMESTAMP" , "yyyy-MM-dd HH:mm:ss.SSS" ]
target => "MY_TIMESTAMP2"
}
}

output {
elasticsearch {
hosts => ["elasticsearch:9200"]
index => "myindexname"
}
stdout {
codec => rubydebug
}
}

my problem
TIMESTAMP inside JSON is still TEXT and never converted to date...

thanks for help...

Frederic_Gaerel · December 11, 2018, 11:05am

Auto closed.
PEBKAC...

system · January 8, 2019, 11:05am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Convert logstash date sting Logstash	2	322	September 16, 2018
Parsing date format error Logstash	3	761	October 24, 2018
JSON timestamp coming as text Logstash	7	395	November 24, 2023
Conver String to date (or replace @timestamp) (SOLVED) Logstash	13	20005	July 6, 2017
Json date is not parsing to @timestamp Logstash	5	2030	May 21, 2020

Logstash parsing date into JSON

Related topics