Replace @timestamp with unix timestamp from MySQL

Elastic Stack Logstash
1

I'm trying to inject MySQL data to Elasticsearch using Logstash.

This is my mysql table structure (id , datetime, value) where datetime consists if Unix Timestamp. ( example (131,1436298252,128) )
And here's the configuration file I wrote but doesn't work i.e It doesn't create an index with that Unix Timestamp in the database but with real timestamps.

input {
jdbc {

    jdbc_connection_string => "jdbc:mysql://localhost:3306/test"

    jdbc_user => "root"
jdbc_password => "root"

    jdbc_driver_library => "/usr/share/java/mysql-connector-java-5.1.38.jar"

    jdbc_driver_class => "com.mysql.jdbc.Driver"

    statement => "SELECT * from utinyintparamvalues"
}

}

filter {

    date {
            match => [ "datetime", "MMM dd yyyy HH:mm:ss","MMM  d yyyy HH:mm:ss", "ISO8601" ]
         }
}

output {
stdout { codec => json_lines }

elasticsearch {
    hosts => "localhost:9200"
    index => "testts"
    document_type => "datatest"

}

}

How can I get it to use the timestamps from my database.? Thank you for your help.

1 Like
2

Does it create a field called datetime with the epoch value in it?

If so then your match pattern is wrong and you should use EPOCH - https://www.elastic.co/guide/en/logstash/current/plugins-filters-date.html#plugins-filters-date-match

3

If so then your match pattern is wrong and you should use EPOCH

I think you mean "UNIX".

4

Ahh yeah, I do :slight_smile:

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.