Thanks, I am using the first-pipeline.conf as given on
https://www.elastic.co/guide/en/logstash/current/advanced-pipeline.html
input {
    beats {
        port => "5043"
    }
}
filter {
    grok {
        match => { "message" => "%{COMBINEDAPACHELOG}" }
    }
    geoip {
        source => "clientip"
    }
}
output {
    elasticsearch {
        hosts => [ "localhost:9200" ]
    }
}
In the filter section I am using "%{COMBINEDAPACHELOG}" as given in the example/doc. Isn't that enough, or do I need to make changes in the filter { } section for each and every field? Since these are Apache web logs and Logstash understands the format, I believe it is enough.