Hy I have this json date.
{"type":"audit_entry","created":"5/20/2021, 11:12:42 PM","colaborador_id":"cf7dc62b-dde9-4980-89d8-96eb5707876e","request_method":"PUT","ajax":false,"route":"/stock/artigos/8c443bfe-d077-46d2-805b-948c15534f2c","protocol":"https"}
I want to transform the date in "create" to a timestamp field. How I can do that?
this is the way I'm transforming my data:
input {
beats {
port => 5066
}
}
filter {
if [agent][type] == "metricbeat" {
drop { }
}
json {
source => "message"
}
}
output {
elasticsearch {
hosts => "https://elasticsearch:9200"
index => "prod"
user => "elastic"
password => "aCFly1CMvLJJ6gVHyOo4"
cacert => "/usr/share/logstash/logstash.crt.pem"
ssl_certificate_verification => false
}
}
and this is the Json data:
{
"_index": "prod",
"_type": "_doc",
"_id": "BLlVIHoBovWO2skT13Bf",
"_score": 1,
"_source": {
"agent": {
"name": "ee0ccbef92f1",
"ephemeral_id": "29f3e0e3-13be-40ac-abd9-35b688a5a177",
"version": "7.11.0",
"id": "5967388f-6559-4b97-87c7-79bb3b1a2179",
"hostname": "ee0ccbef92f1",
"type": "filebeat"
},
"created": "6/18/2021, 6:11:12 PM",
"ecs": {
"version": "1.6.0"
},
"type": "audit_entry",
"request_method": "PUT",
"message": "{\"type\":\"audit_entry\",\"created\":\"6/18/2021, 6:11:12 PM\",\"colaborador_id\":\"9b3b665d-5c95-4a4b-9ace-a140b1ea9259\",\"request_method\":\"PUT\",\"ajax\":false,\"route\":\"/vendas/venda/2f2d7564-01fe-4ca7-b116-0b52839fbfc4\",\"protocol\":\"https\"}",
"colaborador_id": "9b3b665d-5c95-4a4b-9ace-a140b1ea9259",
"ajax": false,
"host": {
"name": "ee0ccbef92f1"
},
"protocol": "https",
"@timestamp": "2021-06-18T18:11:12.923Z",
"log": {
"offset": 2460829,
"file": {
"path": "/usr/share/prod/action.log"
}
},
"tags": [
"beats_input_codec_plain_applied"
],
"route": "/vendas/venda/2f2d7564-01fe-4ca7-b116-0b52839fbfc4",
"@version": "1",
"input": {
"type": "log"
}
},
"fields": {
"@timestamp": [
"2021-06-18T18:11:12.923Z"
]
}
}
I'm collecting the logs in a file src and the timestamp in the json data is when the data was collected