Timestamp for logstash syslog output when specifying RFC5424

cplvic · April 5, 2018, 5:28am

Hi

I just started using the syslog output plugin. I am processing past logs (2017). I specified rfc => "rfc5424" I am also using the date filter to map the log date to @timestamp.
On my receiving server, the timestamp shows up in rfc3164 format aka MMM dd HH:mm:ss format
Is this expected or does specifying rfc5424 also change the format of the timestamp?

"Feb 24 01:43:17 10.255.255.59"

logstash version 6.2.3
logstash-output-syslog 3.0.4

cplvic · April 6, 2018, 9:36pm

KKHHHHAAAAaaaaaaannnnnnnnnnnnn!

system · May 4, 2018, 9:37pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Syslog output plugin log format is not proper Logstash	2	564	March 31, 2017
Logstash compliance with RFC5425 and RFC5426 Logstash	3	514	April 6, 2023
Logstash - Syslog Timestamp Logstash	2	131	March 19, 2024
Removing fields from logstash output Logstash	4	1217	November 17, 2017
Logstash @timestamp field wrong? Logstash	4	1222	July 6, 2017

Timestamp for logstash syslog output when specifying RFC5424

Related topics