I have data which contains Job start time ( ex. June 28th 2016, 13:30:48.000).
We have a requirement to split the time alone and then add it as a separate field in elasticsearch. Any idea how we can do this in elasticsearch / logstash.
Thanks
Hello,
maybe by using a grok on this field with the "," as a separator. If the grok filter succeed, you will have two fields: one with the day, one with the hour.