Merging @timestamp with actual log date

mad_dog · December 13, 2017, 2:08pm

Hi,

I'm new to logstash so maybe my question will not make much sense but I have this problem. I have servers in multiple geographical locations. They send logs with log time that doesn't include year. At the moment I use @timestamp to sort logs which is great but I noticed that logs sorted this way are out of order when you consider log creation date on a remote server. So my idea is to merge minutes and seconds from log time into timestamp. Obviously, I'll be more than happy to do it other way if there is any.

Kurt_S · December 13, 2017, 11:17pm

Sounds like you need to differentiate your date filter per source and its timezone. Something like if host = A then apply date filter with timezone for A, etc...

system · January 10, 2018, 11:22pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to merge separate date and time to @timestamp Logstash	6	4414	June 20, 2018
Generate @timestamp in-logstash-by-concatenating-date-from-filename-and-time-from-logs Logstash	22	7363	June 13, 2017
Date filter vs. accepting @timestamp as-is Logstash	3	445	January 15, 2018
@timestamp not matching date parsed, apache logs Logstash	3	2799	July 6, 2017
Data Logstash filter not putting month into @timestamp Logstash	3	312	July 23, 2021

Merging @timestamp with actual log date

Related topics