Hi. this problem seems solved for some but I still have it....
Sample data in log file :
{"TIMESTAMP":"2018-12-10 11:28:20.753","USER":"username (AIX)","ACTION":"SEARCH_SITE","CALLING_METHOD":"postRechercheSites","FILTRE":"{organisation=ALL, code_depot=, code_tracking=, activite_rattachement=ALL, code_activite=AGE, trigramme=, statut=ACT, code_postal=, critere_date=ALL, date=}"}
My conf file :
input {
file {
path => "/etc/logstash/log/RefTechnical.log"
start_position => "beginning"
}
}
filter {
json {
source => "message"
}
date {
match => [ "[message][TIMESTAMP]" , "yyyy-MM-dd HH:mm:ss.SSS" ]
}
date {
match => [ "TIMESTAMP" , "yyyy-MM-dd HH:mm:ss.SSS" ]
target => "MY_TIMESTAMP2"
}
}
output {
elasticsearch {
hosts => ["elasticsearch:9200"]
index => "myindexname"
}
stdout {
codec => rubydebug
}
}
my problem 
TIMESTAMP inside JSON is still TEXT and never converted to date...
thanks for help...