从Logstash中的文件名获取事件的时间戳 [英] Getting timestamp of event from file name in logstash

问题描述

我们有一个将事件写入文件的过程，没有时间戳.文件名本身带有时间戳后缀，该时间戳是文件中所有事件应使用的时间戳.现在，我试图通过使用logstash的输入文件插件来解析文件.是否可以通过一种方法将文件名获取到字段中，以便随后可以使用gsub过滤器提取时间戳，然后使用日期过滤器为事件设置时间戳?

We have a process that writes events to a file, without a timestamp. The file names themselves are suffixed with a timestamp, which is the timestamp that should be used for all the events in the file. Now, I am trying to parse the file by using the input file plugin of logstash. Is there a way by which I could get the name of the file to a field, so that I can then use the gsub filter to extract out the timestamp and then use the date filter to set the timestamp to the event?

推荐答案

我也有类似的需求，并再次提出了这个问题-因此您可以在

I had a similar need, and asked this question again - so you can find a more up-to-date answer in this question thanks to Jettro Coenradie :)

这篇关于从Logstash中的文件名获取事件的时间戳的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！