Replace @timestamp with unix timestamp from MySQL

Bdriss_Sana · June 6, 2017, 1:39pm

I'm trying to inject MySQL data to Elasticsearch using Logstash.

This is my mysql table structure (id , datetime, value) where datetime consists if Unix Timestamp. ( example (131,1436298252,128) )
And here's the configuration file I wrote but doesn't work i.e It doesn't create an index with that Unix Timestamp in the database but with real timestamps.

input {
jdbc {

    jdbc_connection_string => "jdbc:mysql://localhost:3306/test"

    jdbc_user => "root"
jdbc_password => "root"

    jdbc_driver_library => "/usr/share/java/mysql-connector-java-5.1.38.jar"

    jdbc_driver_class => "com.mysql.jdbc.Driver"

    statement => "SELECT * from utinyintparamvalues"
}

}

filter {

    date {
            match => [ "datetime", "MMM dd yyyy HH:mm:ss","MMM  d yyyy HH:mm:ss", "ISO8601" ]
         }
}

output {
stdout { codec => json_lines }

elasticsearch {
    hosts => "localhost:9200"
    index => "testts"
    document_type => "datatest"

}

}

How can I get it to use the timestamps from my database.? Thank you for your help.

warkolm · June 7, 2017, 10:17am

Does it create a field called datetime with the epoch value in it?

If so then your match pattern is wrong and you should use EPOCH - https://www.elastic.co/guide/en/logstash/current/plugins-filters-date.html#plugins-filters-date-match

magnusbaeck · June 7, 2017, 11:09am

If so then your match pattern is wrong and you should use EPOCH

I think you mean "UNIX".

warkolm · June 8, 2017, 9:23pm

Ahh yeah, I do

system · July 6, 2017, 9:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.