06:55:20.695 [LogStash::Runner] FATAL logstash.runner - An unexpected error occurred! {:error=>#<TypeError: wrong argument type String (expected LogStash::Timestamp)
The error is clear that it is trying to use string for @timestamp but is failing, but how do I tell it not to convert it to string as it is not a string type to begin with ?
I also tried this:
date {
match => [ "last_execution_time", "ISO8601" ]
timezone => "UTC"
}
There is no error in the log in regards to the latter case, it executes fine but the value of last_execution_time does not match @timestamp.
Any other recommendations in troubleshooting ?
Side Note: I'm using the default configuration, calling the binary directly, which logs to the screen. Then checking each line in the console for any errors.
Although there was no error in the log as an exception. I do see the following in the tags which I just noticed:
[0] "_dateparsefailure",
Hmm, ok, so ISO8601 should match the pattern right? However, it is already a date type not a string to parse, does that make a difference with the date filter ?
Let me see what log level it is using by default and increase that maybe that will produce a better error.
Aha, right. Yeah, if the field is a timestamp field the date filter won't work. You probably need to use a ruby filter to assign the timestamp field to @timestamp, or make sure the field is converted to a string before you feed it to the date filter.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.