If I understand it right, reading this spec of CEF, which makes reference to SimpleDateFormat
CEF supports several variations on time/date formats to identify the time an event occurred accurately. These formats are detailed below.
1.Milliseconds since January 1, 1970 (integer)
—This time format supplies an integer with the count in milliseconds from January 1, 1970 to the time the event occurred.
2.MMM dd HH:mm:ss
3.MMM dd HH:mm:ss.SSS zzz
4.MMM dd HH:mm:ss.SSS
5.MMM dd HH:mm:ss zzz
6.MMM dd yyyy HH:mm:ss
7.MMM dd yyyy HH:mm:ss.SSS zzz
8.MMM dd yyyy HH:mm:ss.SSS
9.MMM dd yyyy HH:mm:ss zzz
For a key to the date formats shown above, visit the SimpleDateFormat page at: java.sun.com/j2se/1.4.2/docs/api/java/text/SimpleDateFormat.html.
which seems to be handled there in beats
there should be more format strings in timeLayouts.
In my case "Jan 2 2006 15:04:05 GMT-07:00" is missing, RFC 822 time zone is also missing
If I'm not wrong, General time zone can be specified as Pacific Standard Time or GMT-08:00 not only the PST string (like it is handled in beats).