Help with grok from a log with date MM/dd/yyyy hh:mm:ss AM/PM

MarcV · June 19, 2019, 5:37am

Hi @daniel,
Nice !

Probably the custom_patterns Is not required with your solution ?

daniel · June 19, 2019, 6:44pm

You still will need the DATESTAMP_AMPM pattern, it’s a two step process: first match the date string with the DATESTAMP_AMPM regular expression, then interpret the date string as a time with ts-"1/2/2006 3:04:05 PM".

Topic		Replies	Views
Parsing logs with grok Telegraf	2	604	March 14, 2019
Got big trouble in grok patterns Telegraf telegraf	10	2543	December 6, 2018
Timestamp format error telegraf	2	1817	December 12, 2017
Modify timestamp parsed from logfile Telegraf telegraf	2	481	April 25, 2020
Parse a custom log using telegraf logparser input Telegraf telegraf	6	13538	February 18, 2022

Help with grok from a log with date MM/dd/yyyy hh:mm:ss AM/PM

Related topics