How i can set default timestamp in the format “yyyy-MM-dd’T’HH:mm:ss.SSSSSS” or “yyyy-MM-dd HH:mm:ss.SSSSSS”?
I, [2018-12-06T09:55:05.573974 #9] INFO – : [c84466801e6886053ac6d96476fcb43b] Processing by Api::V1::EventsController#index as JSON
Timestamp comes to Graylog in a separate field (rTimestamp). Through pipeline trying to install a new timestamp, but the output format is “2018-12-06 09:55:05.573” instead of the expected " 2018-12-06T09:55:05.573974".
In elasticsearch made custom mapping:
“type” : “date”,
“format” : “yyyy-MM-dd HH:mm:ss.SSS||yyyy-MM-dd’T’HH:mm:ss.SSSSSS”
But the result is not given.
ps english isn’t my native language
Graylog currently does support only SSS and not more granular timestamps
Сan I set the default sort not by timestamp column?
"Failed to parse date field" after change settings
no that is not possible. (currently)
You might want to open a freature request for that: https://github.com/Graylog2/graylog2-server/issues
As I see you have the timestamp in the message, so you can put in another filed.After you can use ES API to query messages sorted by your timestamp.
Ok, in this case you loose GL’s WUI, but if you really need the SSSSSS timestamp…