Add special syslog timestamp parser that uses current year (#4190)
Previously it was impossible to parse syslog timestamps without the date being reported as year 0, due to the year not being specified
This commit is contained in:
Daniel Nelson
GitHub
@@ -104,6 +104,7 @@ You must capture at least one field per line.
|
||||
- ts-httpd ("02/Jan/2006:15:04:05 -0700")
|
||||
- ts-epoch (seconds since unix epoch, may contain decimal)
|
||||
- ts-epochnano (nanoseconds since unix epoch)
|
||||
- ts-syslog ("Jan 02 15:04:05", parsed time is set to the current year)
|
||||
- ts-"CUSTOM"
|
||||
|
||||
CUSTOM time layouts must be within quotes and be the representation of the
|
||||
|
||||
Reference in New Issue
Block a user