Use the log time and date in the timestamp

Daniel_Calisto · December 27, 2019, 6:57pm

Hi, Im trying to use the date and time in the log as the timestamp in elastic.

this is part of the log

12/27/19 06:46:39

this is the grok and the date filter to use the log date and time to use in the timestamp
grok{
match => {"message" => "%{DATA:date} %{TIME:time}"}
}

    date {
            match => ["date time", "MM/dd/yy HH:mm:ss"]
            target => "@timestamp"
    }

how can I achieve this?

Badger · December 28, 2019, 12:38am

Use mutate+add_field with sprintf references to combine date and time into a single field, or else use the pattern definitions option on the grok filter to define a pattern that combines "%{DATE} %{TIME}".

system · January 25, 2020, 12:38am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How To use date Field in RAW data to used as @timestamp in Grok pattern Logstash	7	668	May 1, 2019
Grok pattern for date Logstash	6	1676	June 13, 2019
Why is date filter in Logstash used? Logstash	3	478	December 12, 2017
Logstash date extraction help Logstash	3	612	December 26, 2016
Use parsed date/time fields to prepare @timestamp Logstash	4	683	May 21, 2018

Use the log time and date in the timestamp

Related topics