gsmith
June 10, 2022, 10:50pm
2
Hello
Can you show an accurate example of this message, leaving out private info?
I have seen this issue around here. If my memory is correct it has something to do with mill seconds at the end of Date/Time. It possible to use a GROK pattern or Pipeline to normalize the date time on the Input.
yyyy-MM-dd HH:mm:ss.SSS Z
Found that here.
Greetings. I am seeing errors in my log file even though my extractor is properly converting epoch dates. I’m wondering why the errors are triggering (and how to stop them).
Environment:
Graylog 3.1.4+1149fe1
Elastic Search 5.6
Error message:
2021-03-23T16:42:09.404-05:00 ERROR [Extractor] Could not apply converter [DATE] of extractor [9f96c3c4-6aee-11ea-ab2c-0efa831ef056].
java.lang.IllegalArgumentException: Invalid format: "1616510609950" is malformed at "9950"
at org.joda.time.format.…
And Here
Hello guys!
Sorry i was very busy the last days and had no time to test out stuff.
But i finally got it working again using a mix of extractor and pipeline.
Heres how i did it:
Create an extractor to copy the timestamp from the message into a second timestamp field.
[grafik]
Create a pipeline on the stream that gets the messages you want the timestamps to get changed.
[grafik]
Edit: You can also use has_field(“msg_timestamp”) instead of true if you want to.
Change the message proces…
And here
How to transform a timestamp in ms to datetime format?
for example, i want to tranform a timestamp like 1514736000000 to a datetime format 2018-01-01 00:00:00.000.
also can we directly compare the datetime with > < == or != ?
