Modify @timestamp

Jan_Kaspar · October 28, 2019, 1:13pm

Hi,

I have a question regarding timestamp. I have a lot of text logs with date and time
I am parsing field %{DATE:date} %{TIME:time} and i get following format:

28.10.2019 14:10:10

Is it possible to put this value to @timestamp?

Thanks

Jan

Jan_Kaspar · October 28, 2019, 2:15pm

Hi,

I have it solved by this way:

        mutate {
            add_field => {
                "newtimestamp" => "%{date} %{time}"
            }
        }
        date {
            match => ["newtimestamp","dd.MM.yyyy HH:mm:ss"]
            target => "@timestamp"
        }

It works.

Jan

system · November 25, 2019, 2:15pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash @timestamp replacement help Logstash	1	214	June 3, 2020
Format of @timestamp Logstash	1	351	February 13, 2018
Logstash - replace @timestamp Logstash	3	311	February 16, 2021
Unable to replace @timestamp with some other field in logstash Logstash	6	2311	September 19, 2017
Parsing date_field with date plugin and set it as @timestamp Logstash	3	259	October 21, 2020

Modify @timestamp

Related topics