Unix_ms time to date

Elastic Stack Logstash
1

I have date_time = 1582225804228
which is Thursday, February 20, 2020 1:10:04.228

when I use following filter it convert that to 2020-02-20T19:10:04.228Z ( which is UTC) time format

But I also want another field created with it which represent CST = 2020-02-20T01:10

this is my code but it didn't work

-- Follwoing works- output to -  2020-02-20T19:10:04.228Z (UTC)

date { match => ["date_time", "UNIX_MS","ISO8601"]
      target => "date_time"
   }


-- This do not work what ever I do. it still print time in UTC i.e 19:10
date {   match => ["date_time_timezone", "UNIX_MS","ISO8601"]
      timezone => "CST6CDT"
      target => "date_time_timezone"
   }

How do I convert this in to -6 hour ?

2

Hi

To convert time to your local time you can use a ruby{} filter like this:

  date { match => ["date_time", "UNIX_MS","ISO8601"]
             target => "date_time"
        }

  ruby {
    code => "
      event.set('date_time_timezone', event.get('date_time').time.localtime.strftime('%Y-%m-%d %H:%M:%S'))
    "
  }

Adjust the time format to match your needs.

Hope this helps

1 Like
3

@ITIC this is exactly what I wanted. Thank you

I just did add following after ruby. that made that time exactly same as my local time.
and now I have two timestamp in index one is UTC one is local.
kibana I use UTC time
sql I use local time.

   date { match => ["date_time_timezone", "yyyy-MM-dd HH:mm:ss"]
      timezone => "Etc/UTC"
      target => "date_time_timezone"
   }
1 Like
4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.