elastic
diff --git a/‎packages/nginx/changelog.yml
Lines changed: 5 additions & 0 deletions b/‎packages/nginx/changelog.yml
Lines changed: 5 additions & 0 deletions
diff --git a/‎packages/nginx/data_stream/access/_dev/test/pipeline/test-access.log
Lines changed: 1 addition & 1 deletion b/‎packages/nginx/data_stream/access/_dev/test/pipeline/test-access.log
Lines changed: 1 addition & 1 deletion
diff --git a/‎packages/nginx/data_stream/access/_dev/test/pipeline/test-access.log-expected.json
Lines changed: 15 additions & 14 deletions b/‎packages/nginx/data_stream/access/_dev/test/pipeline/test-access.log-expected.json
Lines changed: 15 additions & 14 deletions
diff --git a/‎packages/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log-expected.json
Lines changed: 5 additions & 5 deletions b/‎packages/nginx/data_stream/access/_dev/test/pipeline/test-nginx.log-expected.json
Lines changed: 5 additions & 5 deletions
diff --git a/‎packages/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log
Lines changed: 1 addition & 1 deletion b/‎packages/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log
Lines changed: 1 addition & 1 deletion
diff --git a/‎packages/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log-expected.json
Lines changed: 5 additions & 5 deletions b/‎packages/nginx/data_stream/access/_dev/test/pipeline/test-test-with-host.log-expected.json
Lines changed: 5 additions & 5 deletions
diff --git a/‎packages/nginx/data_stream/access/elasticsearch/ingest_pipeline/default.yml
Lines changed: 12 additions & 1 deletion b/‎packages/nginx/data_stream/access/elasticsearch/ingest_pipeline/default.yml
Lines changed: 12 additions & 1 deletion
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.2.0"
+  changes:
+    - description: Added optional parsing for request duration in access-log.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/14126
 - version: "2.1.0"
   changes:
     - description: Allow @custom pipeline access to event.original without setting preserve_original_event.
 
@@ -9,6 +9,6 @@
 127.0.0.1 - - [07/Dec/2016:11:04:37 +0100] "GET /test1 HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36"
 127.0.0.1 - - [07/Dec/2016:11:04:58 +0100] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0"
 127.0.0.1 - - [07/Dec/2016:11:04:59 +0100] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0"
-127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] "GET /taga HTTP/1.1" 404 169 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0"
+127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] "GET /taga HTTP/1.1" 404 169 45.324 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0"
 lessons.example.com 192.168.0.1 - - [09/Jun/2020:12:10:39 -0700] "GET /A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4 HTTP/1.1" 206 7648063 "http://lessons.example.com/A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4" "Mozilla/5.0 (Linux; Android 5.1.1; KFFOWI) AppleWebKit/537.36 (KHTML, like Gecko) Silk/81.2.16 like Chrome/81.0.4044.138 Safari/537.36"
 lessons.example.com 192.168.0.1 - - [09/Jun/2020:12:15:39 -0700] "GET /%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F%20%D1%88%D0%BA%D0%BE%D0%BB%D0%B0%20-%20InternetUrok%201%D0%BA%D0%BB%D0%B0%D1%81%D1%81/ HTTP/1.1" 206 7648063 "http://lessons.example.com/A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4" "Mozilla/5.0 (Linux; Android 5.1.1; KFFOWI) AppleWebKit/537.36 (KHTML, like Gecko) Silk/81.2.16 like Chrome/81.0.4044.138 Safari/537.36"
@@ -11,7 +11,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491934242Z",
+                "ingested": "2025-06-03T12:31:45.476662367Z",
                 "kind": "event",
                 "original": "67.43.156.13 - - [25/Oct/2016:14:49:33 +0200] \"GET / HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36\"",
                 "outcome": "success",
@@ -91,7 +91,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491955973Z",
+                "ingested": "2025-06-03T12:31:45.476686597Z",
                 "kind": "event",
                 "original": "67.43.156.13 - - [25/Oct/2016:14:49:34 +0200] \"GET /favicon.ico HTTP/1.1\" 404 571 \"http://localhost:8080/\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36\"",
                 "outcome": "failure",
@@ -173,7 +173,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491959697Z",
+                "ingested": "2025-06-03T12:31:45.476689457Z",
                 "kind": "event",
                 "original": "67.43.156.13 - - [25/Oct/2016:14:50:44 +0200] \"GET /adsasd HTTP/1.1\" 404 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36\"",
                 "outcome": "failure",
@@ -253,7 +253,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491962764Z",
+                "ingested": "2025-06-03T12:31:45.476691307Z",
                 "kind": "event",
                 "original": "67.43.156.13 - - [07/Dec/2016:10:34:43 +0100] \"GET / HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36\"",
                 "outcome": "success",
@@ -333,7 +333,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491965569Z",
+                "ingested": "2025-06-03T12:31:45.476693107Z",
                 "kind": "event",
                 "original": "67.43.156.13 - - [07/Dec/2016:10:34:43 +0100] \"GET /favicon.ico HTTP/1.1\" 404 571 \"http://localhost:8080/\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36\"",
                 "outcome": "failure",
@@ -415,7 +415,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491968355Z",
+                "ingested": "2025-06-03T12:31:45.476694737Z",
                 "kind": "event",
                 "original": "67.43.156.13 - - [07/Dec/2016:10:43:18 +0100] \"GET /test HTTP/1.1\" 404 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36\"",
                 "outcome": "failure",
@@ -495,7 +495,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491971121Z",
+                "ingested": "2025-06-03T12:31:45.476696247Z",
                 "kind": "event",
                 "original": "67.43.156.13 - - [07/Dec/2016:10:43:21 +0100] \"GET /test HTTP/1.1\" 404 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36\"",
                 "outcome": "failure",
@@ -575,7 +575,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491973900Z",
+                "ingested": "2025-06-03T12:31:45.476697827Z",
                 "kind": "event",
                 "original": "67.43.156.13 - - [07/Dec/2016:10:43:23 +0100] \"GET /test1 HTTP/1.1\" 404 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36\"",
                 "outcome": "failure",
@@ -655,7 +655,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491976741Z",
+                "ingested": "2025-06-03T12:31:45.476699327Z",
                 "kind": "event",
                 "original": "127.0.0.1 - - [07/Dec/2016:11:04:37 +0100] \"GET /test1 HTTP/1.1\" 404 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36\"",
                 "outcome": "failure",
@@ -723,7 +723,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491979537Z",
+                "ingested": "2025-06-03T12:31:45.476700857Z",
                 "kind": "event",
                 "original": "127.0.0.1 - - [07/Dec/2016:11:04:58 +0100] \"GET / HTTP/1.1\" 304 0 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"",
                 "outcome": "success",
@@ -791,7 +791,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491982307Z",
+                "ingested": "2025-06-03T12:31:45.476702357Z",
                 "kind": "event",
                 "original": "127.0.0.1 - - [07/Dec/2016:11:04:59 +0100] \"GET / HTTP/1.1\" 304 0 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"",
                 "outcome": "success",
@@ -859,9 +859,9 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.491985407Z",
+                "ingested": "2025-06-03T12:31:45.476703857Z",
                 "kind": "event",
-                "original": "127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] \"GET /taga HTTP/1.1\" 404 169 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"\nlessons.example.com 192.168.0.1 - - [09/Jun/2020:12:10:39 -0700] \"GET /A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4 HTTP/1.1\" 206 7648063 \"http://lessons.example.com/A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4\" \"Mozilla/5.0 (Linux; Android 5.1.1; KFFOWI) AppleWebKit/537.36 (KHTML, like Gecko) Silk/81.2.16 like Chrome/81.0.4044.138 Safari/537.36\"\nlessons.example.com 192.168.0.1 - - [09/Jun/2020:12:15:39 -0700] \"GET /%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F%20%D1%88%D0%BA%D0%BE%D0%BB%D0%B0%20-%20InternetUrok%201%D0%BA%D0%BB%D0%B0%D1%81%D1%81/ HTTP/1.1\" 206 7648063 \"http://lessons.example.com/A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4\" \"Mozilla/5.0 (Linux; Android 5.1.1; KFFOWI) AppleWebKit/537.36 (KHTML, like Gecko) Silk/81.2.16 like Chrome/81.0.4044.138 Safari/537.36\"",
+                "original": "127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] \"GET /taga HTTP/1.1\" 404 169 45.324 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"\nlessons.example.com 192.168.0.1 - - [09/Jun/2020:12:10:39 -0700] \"GET /A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4 HTTP/1.1\" 206 7648063 \"http://lessons.example.com/A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4\" \"Mozilla/5.0 (Linux; Android 5.1.1; KFFOWI) AppleWebKit/537.36 (KHTML, like Gecko) Silk/81.2.16 like Chrome/81.0.4044.138 Safari/537.36\"\nlessons.example.com 192.168.0.1 - - [09/Jun/2020:12:15:39 -0700] \"GET /%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F%20%D1%88%D0%BA%D0%BE%D0%BB%D0%B0%20-%20InternetUrok%201%D0%BA%D0%BB%D0%B0%D1%81%D1%81/ HTTP/1.1\" 206 7648063 \"http://lessons.example.com/A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4\" \"Mozilla/5.0 (Linux; Android 5.1.1; KFFOWI) AppleWebKit/537.36 (KHTML, like Gecko) Silk/81.2.16 like Chrome/81.0.4044.138 Safari/537.36\"",
                 "outcome": "failure",
                 "type": [
                     "access"
@@ -883,7 +883,8 @@
                 "access": {
                     "remote_ip_list": [
                         "127.0.0.1"
-                    ]
+                    ],
+                    "response_time": 45324
                 }
             },
             "related": {
 
@@ -11,7 +11,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.958062590Z",
+                "ingested": "2025-06-03T12:31:49.396736609Z",
                 "kind": "event",
                 "original": "10.0.0.2, 10.0.0.1, 127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] \"GET /ocelot HTTP/1.1\" 200 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"",
                 "outcome": "success",
@@ -81,7 +81,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.958087114Z",
+                "ingested": "2025-06-03T12:31:49.396750059Z",
                 "kind": "event",
                 "original": "172.17.0.1 - - [29/May/2017:19:02:48 +0000] \"GET /stringpatch HTTP/1.1\" 404 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" \"-\"",
                 "outcome": "failure",
@@ -149,7 +149,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.958091109Z",
+                "ingested": "2025-06-03T12:31:49.396752609Z",
                 "kind": "event",
                 "original": "10.0.0.2, 10.0.0.1, 67.43.156.14 - - [07/Dec/2016:11:05:07 +0100] \"GET /ocelot HTTP/1.1\" 200 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"",
                 "outcome": "success",
@@ -231,7 +231,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.958094069Z",
+                "ingested": "2025-06-03T12:31:49.396754329Z",
                 "kind": "event",
                 "original": "67.43.156.14 - - [07/Dec/2016:11:05:07 +0100] \"GET /ocelot HTTP/1.1\" 200 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36\"\n\"10.5.102.222, 199.96.1.1, 204.246.1.1\" 10.2.1.185 - - [22/Jan/2016:13:18:29 +0000] \"GET /assets/xxxx?q=100 HTTP/1.1\" 200 25507 \"-\" \"Amazon CloudFront\"\n2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6, 10.225.192.17 10.2.2.121 - - [30/Dec/2016:06:47:09 +0000] \"GET /test.html HTTP/1.1\" 404 8571 \"-\" \"Mozilla/5.0 (compatible; Facebot 1.0; https://developers.facebook.com/docs/sharing/webmasters/crawler)\"",
                 "outcome": "success",
@@ -310,7 +310,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:06.958100802Z",
+                "ingested": "2025-06-03T12:31:49.396756009Z",
                 "kind": "event",
                 "original": "127.0.0.1 - - [12/Apr/2018:09:48:40 +0200] \"\" 400 0 \"-\" \"-\"\nunix: - - [26/Feb/2019:15:39:42 +0100] \"hello\" 400 173 \"-\" \"-\"\nlocalhost - - [29/May/2017:19:02:48 +0000] \"GET /test2 HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" \"-\"\nlocalhost, localhost - - [29/May/2017:19:02:48 +0000] \"GET /test2 HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" \"-\"\n",
                 "outcome": "failure",
 
@@ -7,4 +7,4 @@ example.com:80 "10.5.102.222, 199.96.1.1, 204.246.1.1" 10.2.1.185 - - [22/Jan/20
 67.43.156.15:80 127.0.0.1 - - [12/Apr/2018:09:48:40 +0200] "" 400 0 "-" "-"
 example.com:80 unix: - - [26/Feb/2019:15:39:42 +0100] "hello" 400 173 "-" "-"
 67.43.156.15 localhost - - [29/May/2017:19:02:48 +0000] "GET /test2 HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2" "-"
-example.com localhost, localhost - - [29/May/2017:19:02:48 +0000] "GET /test2 HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2" "-"
+example.com localhost, localhost - - [29/May/2017:19:02:48 +0000] "GET /test2 HTTP/1.1" 200 612 25.647 "-" "Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2" "-"
@@ -14,7 +14,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:07.175960670Z",
+                "ingested": "2025-06-03T12:31:52.934925962Z",
                 "kind": "event",
                 "original": "example.com 10.0.0.2, 10.0.0.1, 127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] \"GET /ocelot HTTP/1.1\" 200 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"\nexample.com 172.17.0.1 - - [29/May/2017:19:02:48 +0000] \"GET /stringpatch HTTP/1.1\" 404 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" \"-\"\nexample.com 10.0.0.2, 10.0.0.1, 67.43.156.14 - - [07/Dec/2016:11:05:07 +0100] \"GET /ocelot HTTP/1.1\" 200 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"\nexample.com:80 67.43.156.14 - - [07/Dec/2016:11:05:07 +0100] \"GET /ocelot HTTP/1.1\" 200 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36\"\nexample.com:80 \"10.5.102.222, 199.96.1.1, 204.246.1.1\" 10.2.1.185 - - [22/Jan/2016:13:18:29 +0000] \"GET /assets/xxxx?q=100 HTTP/1.1\" 200 25507 \"-\" \"Amazon CloudFront\"",
                 "outcome": "success",
@@ -88,7 +88,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:07.175984368Z",
+                "ingested": "2025-06-03T12:31:52.934939492Z",
                 "kind": "event",
                 "original": "67.43.156.15 2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6, 10.225.192.17 10.2.2.121 - - [30/Dec/2016:06:47:09 +0000] \"GET /test.html HTTP/1.1\" 404 8571 \"-\" \"Mozilla/5.0 (compatible; Facebot 1.0; https://developers.facebook.com/docs/sharing/webmasters/crawler)\"",
                 "outcome": "failure",
@@ -167,7 +167,7 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:07.175988030Z",
+                "ingested": "2025-06-03T12:31:52.934943871Z",
                 "kind": "event",
                 "original": "67.43.156.15:80 127.0.0.1 - - [12/Apr/2018:09:48:40 +0200] \"\" 400 0 \"-\" \"-\"\nexample.com:80 unix: - - [26/Feb/2019:15:39:42 +0100] \"hello\" 400 173 \"-\" \"-\"",
                 "outcome": "failure",
@@ -218,9 +218,9 @@
                     "web"
                 ],
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-06-18T05:50:07.175991090Z",
+                "ingested": "2025-06-03T12:31:52.934945341Z",
                 "kind": "event",
-                "original": "67.43.156.15 localhost - - [29/May/2017:19:02:48 +0000] \"GET /test2 HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" \"-\"\nexample.com localhost, localhost - - [29/May/2017:19:02:48 +0000] \"GET /test2 HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" \"-\"",
+                "original": "67.43.156.15 localhost - - [29/May/2017:19:02:48 +0000] \"GET /test2 HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" \"-\"\nexample.com localhost, localhost - - [29/May/2017:19:02:48 +0000] \"GET /test2 HTTP/1.1\" 200 612 25.647 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" \"-\"",
                 "outcome": "success",
                 "type": [
                     "access"
 
@@ -21,7 +21,7 @@ processors:
       patterns:
       - (%{NGINX_HOST} )?"?(?:%{NGINX_ADDRESS_LIST:nginx.access.remote_ip_list}|%{NOTSPACE:source.address})
         - (-|%{DATA:user.name}) \[%{HTTPDATE:nginx.access.time}\] "%{DATA:nginx.access.info}"
-        %{NUMBER:http.response.status_code:long} %{NUMBER:http.response.body.bytes:long}
+        %{NUMBER:http.response.status_code:long} %{NUMBER:http.response.body.bytes:long}(?:\s%{NUMBER:nginx.access.response_time})?
         "(-|%{DATA:http.request.referrer})" "(-|%{DATA:user_agent.original})"
       pattern_definitions:
         NGINX_HOST: (?:%{IP:destination.ip}|%{NGINX_NOTSEPARATOR:destination.domain})(:%{NUMBER:destination.port})?
@@ -189,6 +189,17 @@ processors:
       field: related.user
       value: "{{user.name}}"
       if: "ctx?.user?.name != null"
+  - convert:
+      field: nginx.access.response_time
+      tag: convert_response_time_to_double
+      type: double
+      ignore_missing: true
+  - script: 
+      lang: painless
+      description: This script multiplies the second value of response_time * 1000 to convert to milliseconds.
+      source: |
+        ctx.nginx.access.response_time = (long) (ctx.nginx.access.response_time * 1000)
+      if: ctx.nginx?.access?.response_time != null
   - script:
       lang: painless
       description: This script processor iterates over the whole document to remove fields with null values.