The differences between @timestamp and time in log file

lusynda · April 7, 2020, 1:27am

Hi all
I have a question about the @timestamp, i know that @timestamp are what generate by logstash but i dont really know how it work.
For ex: i have a server that are config with time that are wrong. It set the date time to year 2030. So when logstash index the event to elastic it index to the year 2030 index instead of 2020 index, i thought that the @timestamp are gen at the moment that logstash process the file. But in this case the @timestamp are gen according to the time of the server.

Thank for your time.

grumo35 · April 7, 2020, 12:41pm

@timestamp is log creation time replaced as it goes in logstash.

So when you see a log like 2030-20-12-12:23:14 it will become @timestamp at the ingestion.

If you want to add field with logstash time processed use ruby scripts with add field and time.now

Badger · April 7, 2020, 2:48pm

logstash will add @timestamp with the current date/time as events are generated. A lot of configurations overwrite that using a date filter to set @timestamp to the date/time contained in a log entry.

system · May 5, 2020, 2:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Difference between Timestamp and @timestamp in kibana logs Logstash	4	414	April 4, 2023
What is the difference between @timestamp and timestamp? Elasticsearch	5	32907	July 5, 2017
Logstash @timestamp replacement help Logstash	1	214	June 3, 2020
Why is my timefield entry and @timestamp are different? Logstash	2	633	June 12, 2017
Can i replace logstash timestamp with timestamp of my logfile? Logstash	17	40237	July 6, 2017

The differences between @timestamp and time in log file

Related topics