Hello there,
I am exploring ELK capabilities for log viewing.
I understand how to ingest log data into elasticsearch through filebeat and viewing from Kibana. but I noticed that if I select timestamp while creating index, the time it shows is when the file was ingested.
but I want to be able to see the time which is in my log entries. I am not sure how.
Can anyone please tell me the right way to do it if they have done it before?
Thanks,
Akhil
Perhaps take a look at this
And this has tripped up a few folks
The layouts are described using a reference time that is based on this specific time:
Mon Jan 2 15:04:05 MST 2006
Since MST is GMT-0700, the reference time is:
01/02 03:04:05PM '06 -0700
Thanks Stephan. let me look into it.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.