Some use-cases have arrays of date strings that need to be converted into valid date formats.
Simple e.g.
filter {
date {
match => [ "logdate", "MMM dd yyyy HH:mm:ss" ]
}
}
Where "logdate": ["Aug 13 2010 00:03:44", "Aug 13 2010 06:03:44"]
Please may this plugin be improved to accept these arrays of strings as input, and produce a set of dates as output.
Output would be to fill the target field with multiple values as per https://www.elastic.co/guide/en/elasticsearch/reference/current/array.html. This would not be appropriate for the @timestamp default target, so it would be expected for configuration to specify a target option in this filter if input is expected to be an array.
Some use-cases have arrays of date strings that need to be converted into valid date formats.
Simple e.g.
Where "logdate": ["Aug 13 2010 00:03:44", "Aug 13 2010 06:03:44"]
Please may this plugin be improved to accept these arrays of strings as input, and produce a set of dates as output.
Output would be to fill the target field with multiple values as per https://www.elastic.co/guide/en/elasticsearch/reference/current/array.html. This would not be appropriate for the
@timestampdefault target, so it would be expected for configuration to specify atargetoption in this filter if input is expected to be an array.