Graylog, Replaced invalid timestamp value in message, please any help will be really appreactied #18330
Labels
Comments
|
We are using GitHub issues for tracking bugs in Graylog itself, but this doesn't look like one. Please post this issue to our discussion forum. Thank you! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi community,
I am having a problem with my graylog 5.2 server's timestamp field, when i recieve logs by fluent-bit which get logs of wazuh.
Fluent-bit forward logs to graylog but the timestamp is causing issue.
Log contains message field which has the timestamp format of wazuh log, but graylog adds timestamp field when it arrives from fluent-bit.
I tried creating pipelines to update the timestamp field, changed timezones, played around with wazuh timezone, regex extractor but nothing worked.
Any suggestion would be really appreciated!
Below is the example:
message: {"true":1708440742.028026,"timestamp":"2024-02-20T20:00:47.153+0100",...}
timestamp: 2024-02-20 13:00:52.379
common error:
gl2_processing_error
Replaced invalid timestamp value in message <7ca5a300-d038-11ee-bb94-08002786cb46> with current time - Value <2024-02-20T22:39:10.795+0100> caused exception: Invalid format: "2024-02-20T22:39:10.795+0100" is malformed at "T22:39:10.795+0100"
Thank in advance,
Sincerely, Valdrin
The text was updated successfully, but these errors were encountered: