Unusual date conversion

(Kiran Tella) #1


My Thanks to Community for helping me to get this far in implementing ELK succesfully.

Now the issue...

  1. I have log with timestamp like this [05/Oct/2015:12:23:42 -0400] How can i change this to something like below.
    "2015-10-05T12:23:42.xxxZ", which is the format of @timestamp stored in elasticsearch.

(Magnus B├Ąck) #2

This isn't unusual at all. In fact, it looks like a date straight out of an httpd log file. Have a look at this example: https://www.elastic.co/guide/en/logstash/current/config-examples.html#_processing_apache_logs

(Kiran Tella) #3

Thanks a lot Magnus.
Now i understood this right.

(system) #4