Logstash - Unable to match date pattern

pkaramol · July 3, 2018, 10:18am

I am using a json input to filter some data and sent it to elasticsearch;

sample document from input json file:

{"preview":false,"offset":0,"result":{"@timestamp":"2016-11-30T21:59:43.000Z","@version":"1","_raw":"{ ..}}

I want my corresponding elasticsearch event to have the exact same timestamp as above;

However the following :

  date {
    match => [ "[result][@timestamp]", "yyyy-MM-ddTHH:mm:ss.000Z" ]
    tag_on_failure => ["no_date_match"]
  }

yields

Exception", :message=>"Illegal pattern component: T"

Have also tried: "yyyy-MM-dd HH:mm:ss.000Z

but then I just get match failure.

Which pattern should I use?

pkaramol · July 3, 2018, 12:17pm

This seems to be working:

yyyy-MM-dd'T'HH:mm:ss.000Z

system · July 31, 2018, 12:17pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Date timestamp not matching Logstash	12	828	July 7, 2020
How to use date-filter-plugin? Logstash	4	4250	July 6, 2017
Parsing date format error Logstash	3	761	October 24, 2018
Dealing with string date Logstash	5	262	March 25, 2020
Help with match date 2019-12-04 06:34:33.850000+00:00 Logstash	8	621	January 7, 2020