opensearch
Convert Unix Epoch to dateTime opensearch
I have a json log data with a field contain an Unxi Epoch in second and I want to convert it to humand readable pattern like dd/MMM/yyyy:HH:mm:ss.
I try to use data prepper of OpenSearch but i didnt found the Unix Epoch pattern to use it.
My json:
{"ua": "Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20SamsungBrowser/21.0%20Chrome/110.0.5481.154%20Safari/537.36", "customField": "1685959346", "key3": "test", "securityRule": "test|112122|super"}
How can achieve this ?
Solution
You can use ingest pipeline for it. During ingestion, elasticsearch/opensearch will convert and enrich the data.
PUT _ingest/pipeline/epoch_conversion_pipeline
{
"description": "Convert Unix Epoch to human-readable format",
"processors": [
{
"set": {
"field": "org_customField",
"value": "{{customField}}"
}
},
{
"script": {
"source": """
ctx.customField = new SimpleDateFormat("dd/MMM/yyyy HH:mm:ss").format(new Date(Long.parseLong(ctx.org_customField) * 1000));
"""
}
}
]
}
PUT test_epoch_to_human
{
"settings": {
"default_pipeline": "epoch_conversion_pipeline"
}
}
POST test_epoch_to_human/_doc/1
{
"ua": "Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20SamsungBrowser/21.0%20Chrome/110.0.5481.154%20Safari/537.36",
"customField": "1685959346",
"key3": "test",
"securityRule": "test|112122|super"
}
GET test_epoch_to_human/_search
- OpenSearch index change not reflected in search
- fluentd with OpenSearch - where does the @timestamp field come from?
- OpenSearch with Spring Boot - Displaying docuemnts by number of keywors
- Where to put boto3.Session creation in my FastAPI application?
- How to Enable Logging in Rails Application with OpenSearch and Searchkick Integration?
- Spring Data OpenSearch Unable to Convert Value of @Timestamp to Java Instant
- AWS python lambda function : Unable to import module 'lambda_function': No module named events
- Export data from OpenSearch in private VPC and import it to local running container - aws opensearch
- How to sort result based on index name in a query against multiple indices?
- Integrating Opensearch with Ruby on Rails
- How to increase _cluster/settings/cluster.max_shards_per_node for AWS Elasticsearch Service
- How to sort the composite aggregation in elasticsearch/opensearch?
- PowerBI DAX query only returns result based on 200 rows
- Error integrating with OpenSearch when using spring-boot-starter-data-elasticsearch
- An error occurs when using "terraform plan" on AWS Opensearch. "Error: HTTP 403 Forbidden: Permission denied."
- ElasticSearch returns empty hits if filtering by some field
- Handling mapper_parsing_exception in OpenSearch for dynamic data types from Amazon EventBridge
- the difference in terms of performance two types of update in opensearch
- How to implement chromium openSearch?
- Opensearch "[terms] query does not support [pname]"
- Why AWS OpenSearch service returns 404 when I try to reindex?
- Graylog and Opensearch Dashboards in parallel
- Elastic Search grouping search results based on a field
- Version of OpenSearch that created the index
- Getting error "error while sniffing nodes" while running docker compose n opensearch
- AWS Open Search Managed Cluster - No Alive Nodes
- How to set source for opensearch-java client's PutTemplateRequest?
- What is the difference between I/O Reactor Config ioThreadCount and PoolingAsyncClientConnectionManager maxConnTotal?
- What is the difference between different apache-httpclient5 setup config provided by Apache HttpClient 5?
- Migrating MySql to AWS OpenSearch using DMS