How to fix information in a closed question?

How Are We Doing? Suggestion Box
1

Hello graylog community.

Today I searched this forum for “Fixing wrong timestamps” and found a solution.
But the solution is silly and slow. How can I fix that?

It is Index ranges wrong - manual recalculation yields dates in the future - #12 by shoothub that does silly parse_date(value: to_string($message.timestamp), pattern: "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'") - seconds(3600) > now() instead of much more efficient to_date($message.timestamp) - hours(1) > now().

I came here via “graylog compare timestamp at DuckDuckGo” first hit: “How to transform a timestamp in ms to datetime format?”. I think it would make sense to have something like "If you came here for comparing dates on Graylog 3+, see here: " in that thread.

1 Like
2

@nisow95612

Thanks for an awesome suggestion! I think you’ve “fixed” the issue–or certainly brought it to the community’s attention by commenting on it. That’s probably the best way to let everyone know whether a solution is helpful or not. The platform itself pairs similar responses, but of course the algorithm to do that can be a bit unsophisticated and requires human intervention (logic).

What do other think about “updating” or correcting old solutions with new, or improved solutions?

3

@dscryber Thank you for your quick and overwhelmingly positive reply.

So, if I get this right, the current way is to create a similarly-named topic and put the update there?

I don’t know what others think and my 14 days are almost up.
Jokingly: I assume there is also no way to update expired suggestions?

4

Hey @nisow95612

My apologies, I have over look this post.

This is a good idea since I do see Timestamp issue most of the time.

1 Like
5

@nisow95612 , Yes, I agree with @gsmith, your suggestion is a good idea (create a similarly-named topic and put the update there) since the timestamp issue can be a problem. Just like a “sell by date,” a new post with a current date helps to move product. :grinning:

6

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.