Hi,
i’m trying to implement Graylog for first time.
I create a stream, assign to a node and filter by source without problem.
Now i’m trying to parse my first message.
I have problems with dates. My firewall send me a date in this format:
time="2017-12-15 14:57:49"
fw="SN910A15K0515A7"
tz=+0100
startime=“2017-12-15 14:52:48”
The offset is +01:00 ( France ) so it should be the field tz
How can i store correct date in a timestamp field ?
Thank you for your help.
Unfortunately the timezone specifier in “tz” isn’t anything standard.
So you can either write a rule which converts the timestamp in “time” using a hard-coded timezone (e. g. “Europe/Paris” or “Etc/GMT-1”; see http://www.joda.org/joda-time/timezones.html) or you create a custom mapping for the possible values in “tz” to a valid timezone ID (see http://www.joda.org/joda-time/timezones.html) using lookup tables.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
