customize integration timestamp in loki

Question

I use the PLG stack (promtail, loki, grafana) to collect system logs and I need to override the integration date added by loki by the one extracted from the log message,

I can't get it to work, here is my example:

scrape_configs:
- job_name: "service-0 "
  static_configs:
  - targets:
      - localhost
    labels:
      service: service -0
      host: " service-0-xyz.local "
      timestamp:
      environment: "dev"
      __path__: /etc/sys.log
  pipeline_stages:
   - match:
      selector: '{service="service -0"}'
      stages:
       - regex:
           expression: '(?P<timestamp>^(^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}))'
       - timestamp:
           source: timestamp
           format: RFC3339Nano
       - labels:
           'timestamp: 

grafana view

Do you have an example please?

thanks for your help

I've tried updating loki/promtail to last version,
I've added new field named "timestamp" filled by extracted date from log message, but i can't change the integration date

I found this discussion, but I can't make it work

Answer 1

If someone needs a solution, the problem was the timestamp format and I made it work by changing the promtail config like this:

scrape_configs:
- job_name: "service-0 "
  static_configs:
  - targets:
      -  localhost
    labels:
      service: service-0
      host: "service-0-xyz.local "
      environnement: "dev"
      __path__: /etc/sys.log
  pipeline_stages:
    - regex:
        expression: "^(?P<timestamp>\\d{4}-\\d{2}-\\d{2}\\s\\d{2}:\\d{2}:\\d{2}\\.\\d{3}).*$"
    - timestamp:
        source: timestamp
        format: "2006-01-02 15:04:05.000"
        location: "Europe/Paris"