Modify @timestamp

Jan_Kaspar · October 28, 2019, 1:13pm

Hi,

I have a question regarding timestamp. I have a lot of text logs with date and time
I am parsing field %{DATE:date} %{TIME:time} and i get following format:

28.10.2019 14:10:10

Is it possible to put this value to @timestamp?

Thanks

Jan

Jan_Kaspar · October 28, 2019, 2:15pm

Hi,

I have it solved by this way:

        mutate {
            add_field => {
                "newtimestamp" => "%{date} %{time}"
            }
        }
        date {
            match => ["newtimestamp","dd.MM.yyyy HH:mm:ss"]
            target => "@timestamp"
        }

It works.

Jan

system · November 25, 2019, 2:15pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash @timestamp replacement help Logstash	1	228	June 3, 2020
Replace my @timestamp Logstash	5	888	July 6, 2017
How to overwrite Log time values with @timestamp Logstash	3	2347	December 26, 2016
Replacing @timestamp Logstash	2	1146	July 6, 2017
Unable to replace @timestamp with some other field in logstash Logstash	6	2348	September 19, 2017

Modify @timestamp

Related topics