Hi ,
I have a custom date-time field like "January 14th 2016, 00:00:00.000".
I want to parse it into timestamp field in logstash.
Can anybody provide me the pattern that can be used as a pattern to match in a date filter in logstash.
Thanks in advance
You probably need to strip away the "th" (and "nd" and "st") that can come after the day as the date filter isn't capable of ignoring it automatically. Or, specify multiple date patterns and let the filter try them all until it gets a match. Untested:
date {
match => [
"name-of-your-field",
"MMM dd'th' yyyy, HH:mm:ss.SSS",
"MMM dd'nd' yyyy, HH:mm:ss.SSS",
"MMM dd'st' yyyy, HH:mm:ss.SSS"
]
locale => "en"
}
Thanks Magnus.
I tried by striping th etc and even took the first three character of month
and reconstructed a matching timestamp.
But i will also try your way out once and if your one works out then it is
relatively less processing.
regards
Dibyananada
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.