Menu
I have an automatically generated @timestamp with the default format. What i would like is to extract the hour/month/weekday of the timestamp putting it in another field.
For example, now my timestamp looks like that:
@timestamp: "2015-08-26T09:04:42.284Z"
Is there any way to get the following fields?
I want it to make a kibana4 Histogram based on the hour/day of connections, with an average metric. If there's a different way to achieve that, please tell me!
I've searched all the web for that, but I couldn't find any solution. I would appreciate any help on this.
962
Finally figured it out.
You can use the notation %{} to do that. Just put:
add_field => {"[hour]" => "%{+HH}"}
add_field => {"[weekday]" => "%{+EEE}"}
Here's a reference of symbols to use.
And that's it!
75
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With