Problem with Logstash date parse

shagun · August 1, 2019, 11:25am

I have a date in this format

"event_time" : "2019-07-02 19:23:59+0000"

and need to parse it in the format of @timestamp that is

"@timestamp" : "2019-08-01T11:18:34.890Z"

This is my filter :

date {
match => [ "event_time", "yyyy-MM-dd'T'HH:mm:ss'.'SSS'Z'" ]
locale => en
timezone => "UTC"
target => "event_time"
}

but unable to parse.
Help me with suggestions.

Badger · August 1, 2019, 12:20pm

That does not match your field format. Try

date { match => [ "event_time", "yyyy-MM-dd HH:mm:ssZ'" ] }

shagun · August 2, 2019, 11:29am

Oh Okay! I got it what to match here in "match" field. I was assuming it wrong.
Thanks

system · August 30, 2019, 11:33am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Parsing date_field with date plugin and set it as @timestamp Logstash	3	259	October 21, 2020
Parsing date format error Logstash	3	761	October 24, 2018
Help with match date 2019-12-04 06:34:33.850000+00:00 Logstash	8	621	January 7, 2020
Problems parsing time in logstash with date filter Logstash	2	2204	January 26, 2018
Failed parsing date from field Logstash	2	867	July 6, 2017