Set @timestamp value

Roque_Moyano · July 5, 2017, 4:17pm

Hi , I have a situation , I need to send a lot of "old" logs to our ELK stack , I was doing some tests , and I realized that when logstash send the logs to elasticsearch it is seting the @timestamp field with the current date. So I can't use the date filter from kibana dashboard. I know that I can set another field with the old date logs , but is there any way to :

set timestamp field with the logs date value or
tell to kibana to search the date logs in a new field instead of @timestamp in order to use the date filter from kibana dashboard.

thanks in advance.

Charles.w · July 5, 2017, 5:22pm

Hi,

You can use the date filter plugin to parse the timestamp found within your logs and replace the default @timestamp value.

Best regards,

Charles Casadei.

system · August 2, 2017, 5:22pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can't use anymore @timestamp after a time filter change Kibana	3	577	December 25, 2019
Replacing @timestamp with logs having custom timestamp Logstash	8	742	February 19, 2023
ELK stack - @timestamp issue Logstash	2	384	August 9, 2020
Issue with replacing @timestamp field with the timestamp from logs using date filter in logstash Logstash	4	370	August 28, 2020
Json @timestamp vs date {} Logstash	3	447	August 1, 2021

Set @timestamp value

Related Topics