Convert Apache error logs time format in Fluentd

I'm trying to convert Apache error log time format in Fluentd to use it as a timestamp for Kibana.

There is a 'time' field with the timestamp from the error log.

I use the following configuration for it:

<filter apache.**>
    @type record_transformer
    enable_ruby
    <record>
#       timestamp ${Time.at(time).utc.strftime('%Y-%m-%dT%H:%M:%S%z')}
# or
#       timestamp ${time.strftime('%Y-%m-%dT%H:%M:%S%z')}
# or
        timestamp ${time.iso8601}
    </record>    
    remove_keys time
</filter>

But all three versions convert in the wrong way (time and day mismatch): "May 03 08:04:19.147574 2021" to "1993-10-24T22:41:18+00:00"

The same configuration is OK for Apache access logs.

Thank you for your suggestions.



Solution 1:[1]

For me, just adding time_key to elasticsearch works. After this, Elastic puts the time from the "time" key into the timestamp field. I don't have the whole record_transformer section like you do.

<match example>
  @type elasticsearch
  host XX.XX.XX.XX
  port 9200
  time_key time
</match>
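Added example, not part of the original question or answer: a Ruby helper (the language `enable_ruby` evaluates) that converts the error-log time string quoted in the question to ISO 8601 UTC. The function name and the `source_offset` parameter are assumptions of this example; the error-log string carries no UTC offset, so the caller has to supply the offset of the server that wrote it.

```ruby
require 'time'

# Shapes accepted (hypothetical helper, not Fluentd's own parser):
#   "May 03 08:04:19.147574 2021"         value quoted in the question
#   "[Mon May 03 08:04:19.147574 2021]"   raw Apache 2.4 error-log prefix
#   "Mon May 03 08:04:19 2021"            no fractional seconds
ERROR_TIME = /\A\[?(?:(?:Mon|Tue|Wed|Thu|Fri|Sat|Sun) )?(?<stamp>[A-Z][a-z]{2} \d{2} \d{2}:\d{2}:\d{2})(?<frac>\.\d{1,6})? (?<year>\d{4})\]?\z/

# Returns an ISO 8601 UTC string with microseconds, or nil when the input
# is not an error-log timestamp. source_offset is an assumption the caller
# supplies ("+HHMM" / "-HHMM"), because the log line itself has no zone.
def apache_error_time_to_iso8601(raw, source_offset: '+0000')
  return nil unless source_offset.match?(/\A[+-]\d{4}\z/)

  m = ERROR_TIME.match(raw.to_s.strip)
  return nil unless m # wrong shape, e.g. an access-log timestamp

  frac = m[:frac] || '.0' # keep one strptime format for both variants
  Time.strptime("#{m[:stamp]}#{frac} #{m[:year]} #{source_offset}",
                '%b %d %H:%M:%S.%N %Y %z').utc.iso8601(6)
rescue ArgumentError
  nil # shape matched but strptime rejected it, e.g. an unknown month name
end

# Constructed sample input: the value from the question.
puts apache_error_time_to_iso8601('May 03 08:04:19.147574 2021')
```

When events from several servers are correlated in Kibana, a wrong `source_offset` shifts every error-log event by whole hours relative to the access-log events, so it is worth setting per host rather than leaving the default.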

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Bolo92