I am trying to match date format Mon Jul 04 22:48:23 2019 using date filter in logstash but it is showing as string in kibana. Can Someone point out the mistake. Thanks
date
{
match => ["selling_date" , "EEE MMM d HH:mm:ss YYYY","EEE MMM dd HH:mm:ss YYYY"]
target => "selling_date"
}I have boiled down it to Jul 04 22:48:23 2019 and my new date filter is
date
{
match => ["selling_date" , "MMM d H:mm:ss YYYY","MMM dd H:mm:ss YYYY"]
target => "selling_date"
}
Now logstash is reading the date as:
"selling_date" => 2019-07-04T17:18:23.000Z
It is running 5:30 hours behind. I have tried some timezones as well, but it is not showing correct time. It's Urgent. Any kind of help is appreciated. Thanks
Can you try adding the below in your date filter and see If it works fine ?
timezone => "Africa/Abidjan"
I used ruby filter, it might help you
ruby {
code => '
t = Time.at(event.get("selling_date").to_f)
event.set("selling_date", t.strftime("%Y-%m-%d %H:%M:%S"))
}
The issue was resolved using
timezone => "UTC"
Thanks for your help!
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.