8 hours difference in time zone

chenzilong444 · April 3, 2018, 9:11am

elasticsearch { 
					hosts => localhost	  	
					index => "logstash(%{+YYYY.MM.dd})"  
					document_type =>"logstash"
					flush_size=>1000 
				idle_flush_time=>15
					}

i didn‘’t set date in logstash
@timestamp April 1st 2018, 00:13:49.395
_index logstash(2018.03.31)
i don‘t know why

Christian_Dahlqvist · April 3, 2018, 9:43am

That is based on the @timestamp field, which is always in UTC.

chenzilong444 · April 3, 2018, 9:51am

can i save my time zone logstash(%{+YYYY.MM.dd}?
maybe change @timestamp

Christian_Dahlqvist · April 3, 2018, 9:55am

Elasticsearch assumes timestamps are in UTC, so changing this will likely cause problems in other areas. You may be able to create a separate date string you can use based on the original timestamp.

Why do you need the index name to be based on the local timezone?

chenzilong444 · April 3, 2018, 10:00am

because i need statistics events daily
but some events before 8 o‘’clock today's Report in the yesterday index

Christian_Dahlqvist · April 3, 2018, 10:02am

What does the original event and timestamp look like?

chenzilong444 · April 3, 2018, 10:11am

like that 2018-04-03T09:54:24.744Z？

Christian_Dahlqvist · April 3, 2018, 10:24am

Where is your data coming from?

chenzilong444 · April 3, 2018, 11:12am

logstash stdout

Christian_Dahlqvist · April 3, 2018, 11:29am

Where are you collecting it from? Can you post a sample event?

Topic		Replies	Views
Logstash output elasticsearch a day index but curent day index contain two days data (curent day and next day_) Beats filebeat	6	627	May 25, 2017
ElasticSearch indexing events from previous date into current date logstash-* folder Logstash	6	2031	July 6, 2017
Logstash => ES, Timezone and IndexName Logstash	4	2730	August 22, 2017
Logstash Output to Elasticsearch Timezone Logstash	5	2115	August 23, 2017
I want to save index by my own time zone Logstash	3	398	May 11, 2018

8 hours difference in time zone

Related topics