Hello guys!
Sorry i was very busy the last days and had no time to test out stuff.
But i finally got it working again using a mix of extractor and pipeline.
Heres how i did it:
- Create an extractor to copy the timestamp from the message into a second timestamp field.
- Create a pipeline on the stream that gets the messages you want the timestamps to get changed.
Edit: You can also use has_field(“msg_timestamp”) instead of true if you want to.
- Change the message processor order under System > Configurations to the following:
Its important that the Message Filter Chain comes before the Pipeline Processor!
Of course you could do everything with the pipeline instead of using a mix but at this point i was just to lazy. I hope i didnt forget anything. If so just ask me and i will try to help you out.
Thanks for the help guys!