hello all,
in my project, there is no meaning for time. only order of arrival.
i want to change @timestamp to be an integer starting from 100000 and goes on.
is there a way to do it?
i tried using the date filter like this:
filter {
date {
match => ["orderOfArrival" ,"yyyyyy"]
target => "@timestamp"
}
}
i parse orderOfArrival with grok and it is ok.
any suggestions?
thanks