Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

How to add year field when creating syslog telemetry sensor for metron (HCP)

How to add year field when creating syslog telemetry sensor for metron (HCP)

Contributor

Hi all,

I was trying to create syslog sensor in HCP, the sensor is working and the data successfully parsed and stored in elasticsearch.

But year field is not available in syslog, so when i set the time in the log as 'timestamp' in GROK JasonRaw, the timestamp in elasticsearch for syslog index became year 1970.

Is there any way to solve this?

Thank You.