use org.apache.flume.interceptor.RegexExtractorInterceptorMillisSerializer as the i1 interceptor's serializer
agent.sources.source1.interceptors.i1.type=regex_extractor
agent.sources.source1.interceptors.i1.regex =(\\d\\d\\d\\d-\\d\\d-\\d\\d-\\d\\d.\\d\\d.\\d\\d).\\d\\d\\d\\d\\d\\d[+]\\d\\d\\d\\s+
agent.sources.source1.interceptors.i1.serializers=s1
agent.sources.source1.interceptors.i1.serializers.s1.name=timestamp
agent.sources.source1.interceptors.i1.serializers.s1.type=org.apache.flume.interceptor.RegexExtractorInterceptorMillisSerializer
agent.sources.source1.interceptors.i1.serializers.s1.pattern=yyyy-MM-dd-HH.mm.ss
2. the comparation betwwen flume and logstash refer to Links document
貼上文檔的截圖吧
