+7Can someone provide a code snippet for parsing unix_ms from the field 'timestamp' in a json log? I'm in a documentation rabbit hole and just need some fresh eyes.
I get 'unsupported timestamp value format float64' but can't see a function to convert.
Best answer by cbryant
This should be what you are looking for:
mutate {
convert => {
"timestamp" => "string"
}
}
date {
match => [
"timestamp",
"UNIX",
"UNIXMS"
]
on_error => "no_date_match"
}reference:
+4This should be what you are looking for:
mutate {
convert => {
"timestamp" => "string"
}
}
date {
match => [
"timestamp",
"UNIX",
"UNIXMS"
]
on_error => "no_date_match"
}reference:
+7This should be what you are looking for:
mutate {
convert => {
"timestamp" => "string"
}
}
date {
match => [
"timestamp",
"UNIX",
"UNIXMS"
]
on_error => "no_date_match"
}reference:
Thank you, worked like a charm.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.