Hello Everyone,
I am new to graylog so I apologize in advance for any incorrect use of terms and mistakes I make.
I am trying to alter the timestamp in a stream and from what I have read pipelines are the best way to accomplish this.
I have created a test pipeline with a connection stream and a single stage.
Here is the rule source:
rule “time update”
when
true
then
let new_date = “2019-01-11T20:49:46.805Z”;
set_field(“timestamp”, new_date);
end
From what I understand, this should change all the timestamps from the stream to 2019-01-11T20:49:46 but this is not happening.
Observing the "manage pipeline’ screen shows no throughput for the stage or rule.
Any guidance would be much appreciated, even a link to some useful documentation.
I have already read the graylog documentation (http://docs.graylog.org/en/2.5/pages/pipelines/pipelines.html#overview) but if I missed something please point it out.
Thanks