Note: All content on this website is derived directly from my own expertise and experiences. No AI-generated text or automated content creation tools are used.
Hi guys 👋, I'm a developer specializing in Elastic Stack and Next.js. My blog shares practical tutorials and insights based on 3+ years of hands-on experience. Open to freelance opportunities — let's get in touch!
Comments
Be the first to comment!
Leave a Comment
Success!
Receive Latest Updates 📬
Get every new post, special offers, and more via email. No fee required.
In this tutorial, I will show you how to convert a date field to ISO8601 format in Logstash.
In general, we can use the ruby filter with the DateTime.parse() method to parse a date string to a DateTime object. Then, we can use the iso8601() method to get the ISO8601 format.
In some cases, the date field would be yyyy-MM-dd HH:mm:ss, or some other format. But we want to convert it to ISO8601 format to normalize the date format.
To convert a date string to ISO8601 format, we can use the following Logstash configuration:
As you can see in the first example and the second example, the timezone is +00:00. However, my current timezone is +07:00 as I'm in Vietnam. So, this is a wrong conversion.
In the third example, Logstash automatically detects my timezone and converts it to UTC time, which is correct and the one we want.
To add the timezone in the conversion, we can simply add our timezone to the end of the date string and replace iso8601() with to_time.
Comments
Be the first to comment!