Hi
I just started using the syslog output plugin. I am processing past logs (2017). I specified rfc => "rfc5424" I am also using the date filter to map the log date to @timestamp.
On my receiving server, the timestamp shows up in rfc3164 format aka MMM dd HH:mm:ss format
Is this expected or does specifying rfc5424 also change the format of the timestamp?
"Feb 24 01:43:17 10.255.255.59"
logstash version 6.2.3
logstash-output-syslog 3.0.4