Hi All,
As a test, I am querying a DB using logtash and printing the output on the prompt. I have two columns access_date(29-AUG-16) and access_time(11:30:45) in the DB. While querying, I concatenate the two fields.
select access_date||' '||access_time as access_date_time from test_table
The result is 29-AUG-16 11:30:45.
I want to set the @timestamp field to this value. So, in the filter, I use
filter
{
date{
match => ["access_date_time","DD-MMM-YY HH:mm:ss"]
}
}
But the output always picks up 01 for month.
"@timestamp" => "2016-01-29T17:00:45.000Z"
Please advice.