Logs that are generated from Palo Alto's Cortex Data Lake default to using the date format strict_date_optional_time_nanos, while the panw-panos-pipeline currently defaults to using the following date format:
"formats": [
  "yyyy/MM/dd HH:mm:ss"
],
Adding 'strict_date_optional_time_nanos' as a default date format for the filebeat panw-panos-pipeline will allow users to ingest data from Palo Alto's Cortex Data Lake without manually modifying the pipeline. This format has been tested by a user:
"formats": [
  "yyyy/MM/dd HH:mm:ss",
  "strict_date_optional_time_nanos"
],
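One way to check the proposed format list before changing the pipeline, as an added example that is not part of the original issue or the Filebeat module: send this body to Elasticsearch's `POST _ingest/pipeline/_simulate` endpoint. The field name `event_time` and both timestamps are constructed for illustration.

```json
{
  "pipeline": {
    "description": "Added example, not the panw-panos-pipeline itself; the field name event_time is hypothetical",
    "processors": [
      {
        "date": {
          "field": "event_time",
          "target_field": "@timestamp",
          "formats": [
            "yyyy/MM/dd HH:mm:ss",
            "strict_date_optional_time_nanos"
          ]
        }
      }
    ]
  },
  "docs": [
    { "_source": { "event_time": "2021/03/04 10:15:30" } },
    { "_source": { "event_time": "2021-03-04T10:15:30.123456789Z" } }
  ]
}
```

Both documents should come back with `@timestamp` populated. If the second format is removed from the list, the second document returns a date parsing error instead, which is the failure Cortex Data Lake logs hit with the current default.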