I am new to logstash would like to extract @timestamp data from "20151027 10:20:37 0 0 1 0 0 0 0 99 1 0 0 1352 1305 0 1225 2 0.61 0.53 0.52 3 0 24 22 3 16 0 5 0 0 0 0 0 0 0 0 0 0 0 0".
Thanks in advance
Try this:
filter {
grok {
match => { "message" => [
"(?<timestamp>\S+ \S+) %{GREEDYDATA:rest}"
]}
}
date {
match => [ "timestamp" , "YYYYMMdd HH:mm:ss" ]
locale => "en"
}
}