I have a date in this format
"event_time" : "2019-07-02 19:23:59+0000"
and need to parse it in the format of @timestamp that is
"@timestamp" : "2019-08-01T11:18:34.890Z"
This is my filter :
date {
match => [ "event_time", "yyyy-MM-dd'T'HH:mm:ss'.'SSS'Z'" ]
locale => en
timezone => "UTC"
target => "event_time"
}
but unable to parse.
Help me with suggestions.
That does not match your field format. Try
date { match => [ "event_time", "yyyy-MM-dd HH:mm:ssZ'" ] }
Oh Okay! I got it what to match here in "match" field. I was assuming it wrong.
Thanks 
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.