Set @timestamp value

Roque_Moyano · July 5, 2017, 4:17pm

Hi , I have a situation , I need to send a lot of "old" logs to our ELK stack , I was doing some tests , and I realized that when logstash send the logs to elasticsearch it is seting the @timestamp field with the current date. So I can't use the date filter from kibana dashboard. I know that I can set another field with the old date logs , but is there any way to :

set timestamp field with the logs date value or
tell to kibana to search the date logs in a new field instead of @timestamp in order to use the date filter from kibana dashboard.

thanks in advance.

Charles.w · July 5, 2017, 5:22pm

Hi,

You can use the date filter plugin to parse the timestamp found within your logs and replace the default @timestamp value.

Best regards,

Charles Casadei.

system · August 2, 2017, 5:22pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can't use anymore @timestamp after a time filter change Kibana	3	577	December 25, 2019
Replacing @timestamp with logs having custom timestamp Logstash	8	748	February 19, 2023
Time Filter field name: @timestamp Logstash	2	2099	May 9, 2019
Make @timestamp the same as Log's timestamp Logstash	5	303	July 21, 2019
ELK stack - @timestamp issue Logstash	2	384	August 9, 2020

Set @timestamp value

Related topics