TechQA.

Date filter in Logstash is failing with dateparsefailure

622 views Asked by At

I have following logstash output. I want to update @timestamp field with value of Timestamp field (and eventually remove Timestamp field from the output). I am using date filter but it is not working. Below is configuration. I am not able to understand what I am missing here

Sample output

{
       "@version" => "1",
      "Timestamp" => "2020-07-25T22:06:09.1282069+05:30",
          "Level" => "Information",
        "headers" => {
       "content_type" => "application/json; charset=utf-8",
    "http_user_agent" => nil,
       "request_path" => "/",
          "http_host" => "localhost:8081",
        "http_accept" => nil,
     "request_method" => "POST",
     "content_length" => "253",
       "http_version" => "HTTP/1.1"
},
           "tags" => [
    [0] "_dateparsefailure"
],
    "ExecutionId" => "4e1a5929-e52c-4aee-ae64-41f8750885ab",
     "@timestamp" => 2020-07-25T16:36:09.474Z,
"RenderedMessage" => "This is Stream message with guid 4e1a5929-e52c-4aee-ae64-41f8750885ab",
           "host" => "127.0.0.1",
"MessageTemplate" => "This is Stream message with guid 4e1a5929-e52c-4aee-ae64-41f8750885ab"

}

Date filter

filter {
    date {
        match => [ "Timestamp", "YYYY-MM-dd HH:mm:ss" ]
      }
}
logstash logstash-configuration datefilter
Original Q&A
1

There are 1 answers

0
Viru On BEST ANSWER

I was able to fix this issue by using ISO8601 format

filter {
    date {
        match => [ "Timestamp", "ISO8601" ]
      }
}

Related Questions in LOGSTASH

Related Questions in LOGSTASH-CONFIGURATION

Related Questions in DATEFILTER

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions