Hi, I am using Ossec https://www.ossec.net/docs/ to log alerts locally to alerts.json which already has a timestamp in the log. Can I use this timestamp in the logstash output to elastic ? The input is below. All my beats aggregate to logstash then split or direct events to SUMO, Elastic or what…

Timestamp in json logs

PandKing (Scot) July 31, 2018, 9:52pm 8

Followed this thread

Topic		Replies	Views
How to transfer original @timestamp from json log to logstash Logstash	4	1495	March 16, 2017
@timestamp in log file getting replaced by processing time Beats filebeat	7	6524	July 19, 2016
Filebeat process timestamp from JSON Beats filebeat	2	2448	June 16, 2020
Having both filebeat and logstash event time in a log Elasticsearch	0	9	October 14, 2024
Cannot get original timestamp from WSo2 logs coming from Source -> filebeat -> logstash -> Elasticsearch Logstash	2	327	July 5, 2021

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.

Timestamp in json logs

Related topics