Modify @timestamp

Jan_Kaspar · October 28, 2019, 1:13pm

Hi,

I have a question regarding timestamp. I have a lot of text logs with date and time
I am parsing field %{DATE:date} %{TIME:time} and i get following format:

28.10.2019 14:10:10

Is it possible to put this value to @timestamp?

Thanks

Jan

Jan_Kaspar · October 28, 2019, 2:15pm

Hi,

I have it solved by this way:

        mutate {
            add_field => {
                "newtimestamp" => "%{date} %{time}"
            }
        }
        date {
            match => ["newtimestamp","dd.MM.yyyy HH:mm:ss"]
            target => "@timestamp"
        }

It works.

Jan

system · November 25, 2019, 2:15pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash - replace @timestamp Logstash	3	310	February 16, 2021
Unable to replace @timestamp with some other field in logstash Logstash	6	2309	September 19, 2017
Parsing date_field with date plugin and set it as @timestamp Logstash	3	259	October 21, 2020
Replace @timestamp or add new field with time from log file Logstash	4	500	January 6, 2020
How to parse date field into @timestamp Logstash	18	35067	December 12, 2017

Modify @timestamp

Related Topics