I am pretty new to Solr and requires some help. Currently I am pushing all my logs to be indexed by Solr using Flume-ng and Syslog-ng. I would also like to index the date, but I keep on getting exception due to different time format.
Syslog-ng generates ISO date/time according to this format: 2013-12-24T10:36:24.0000+8:00 or in general YYYY-MM-DDTHH:MM:SS:ffffTZD but Solr is only accepting in Zulu time YYYY-MM-DDTHH:MM:SSZ.
Is there any way for me to create a custom Solr date parser so I can correctly parse the date/time. Google gave me no result of how to approach this.
Or is there any way syslog-ng can generates the date/time in format accepted by Solr?
Currently, as a workaround I had to set the servers to UTC and generate the date/time manually using the template. However, I would prefer not to set all servers to UTC since it can be in different timezone and I would like to keep it that way.