conorsch
commented
8 years ago Handled for existing filters, so closing. The handful of open PRs already have date filters added as well—thanks, @ageis!
Closed conorsch closed 8 years ago
conorsch
commented
8 years ago Handled for existing filters, so closing. The handful of open PRs already have date filters added as well—thanks, @ageis!
Right now the
@timestampfield stores the time at which the log event was ingested by Logstash. For production systems that's largely OK, but in the event of an outage, or when onboarding a new client with historical log data, the timestamps will be flat-out wrong.Let's use the date filter to update the timestamps where appropriate. We'll need different
datelogic per logfile, depending on the built-in time format.