Drupal is a registered trademark of Dries Buytaert
cms 2.1.3 Update released for Drupal core (2.1.3)! drupal 10.5.11 Update released for Drupal core (10.5.11)! drupal 11.3.11 Update released for Drupal core (11.3.11)! drupal 11.2.13 Update released for Drupal core (11.2.13)! drupal 10.6.10 Update released for Drupal core (10.6.10)! cms 2.1.2 Update released for Drupal core (2.1.2)! drupal 11.1.10 Update released for Drupal core (11.1.10)! drupal 10.5.10 Update released for Drupal core (10.5.10)! drupal 10.4.10 Update released for Drupal core (10.4.10)! drupal 11.2.12 Update released for Drupal core (11.2.12)! drupal 11.3.10 Update released for Drupal core (11.3.10)! drupal 10.6.9 Update released for Drupal core (10.6.9)! drupal 10.6.8 Update released for Drupal core (10.6.8)! drupal 11.3.9 Update released for Drupal core (11.3.9)! drupal 11.3.8 Update released for Drupal core (11.3.8)! drupal 11.3.7 Update released for Drupal core (11.3.7)! drupal 11.2.11 Update released for Drupal core (11.2.11)! drupal 10.6.7 Update released for Drupal core (10.6.7)! drupal 10.5.9 Update released for Drupal core (10.5.9)! cms 2.1.1 Update released for Drupal core (2.1.1)!
← All modules

monolog_elasticsearch_date_processor

33 sites Security covered
View on drupal.org

Append a field to your logs that you can ingest directly into elasticsearch with no dissect or parsing magic

Usage:

In your services file you append it as a monolog processor. So for example if your service parameters look like this:

parameters:
  monolog.channel_handlers:
    default: ['file']
  monolog.processors: ['message_placeholder', 'current_user', 'request_uri', 'ip', 'referer']

Change it to this:

parameters:
  monolog.channel_handlers:
    default: ['file']
  monolog.processors: ['message_placeholder', 'current_user', 'request_uri', 'ip', 'referer', 'elasticsearch_date']

This will give you an additional field called extra.elasticsearch_date. If you are sending this field directly to elasticsearch from filebeat, you can use it like this (example):

processors:
      - timestamp:
          ignore_missing: true
          ignore_failure: true
          field: extra.elasticsearch_date
          timezone: "Europe/Oslo"
          layouts:
            - '2006-01-02T15:04:05Z'
            - '2020-06-02T13:20:50.516Z'
          test:
            - '2019-06-22T16:33:51Z'
            - '2020-06-02T13:20:50.516Z'

Activity

Total releases
2
First release
Dec 2025
Latest release
5 months ago
Release cadence
0 days
Stability
50% stable

Releases

Version Type Release date
2.0.0 Stable Dec 17, 2025
2.0.x-dev Dev Dec 17, 2025