Can't change timezone when convert time from unixtime

neolithik · June 7, 2016, 12:22pm

hi i have same string in log :
1465301456.359 127.0.0.1 127.0.0.1 0.036 GET /cashier/manipulation/searchDBy
as you see date in hear in unix format so i'm use date filter

date {

#match => ["msec", "YYYY.MM.dd HH:mm:ss", "UNIX"]
match => ["msec", "UNIX"]
target => "msec"
timezone => "Europe/Kiev"
}
but still parsing get a date in UTC
@timestamp June 7th 2016, 15:10:02.159
msec 2016-06-07T12:10:56.359Z

how i can convert unix time not UTC

theuntergeek · June 7, 2016, 12:39pm

The date filter is designed to translate a timestamp into ISO8601 format, typically in "Zulu" time notation (the Z at the end of the line), which implies UTC time. By definition, a unix timestamp is already considered to be UTC time, so I believe any specified timezone would be ignored for such a conversion.

neolithik · June 7, 2016, 12:53pm

If I understand correctly, then I can not change the time zone in the converted date?

warkolm · June 7, 2016, 11:22pm

No, because unix epoch is in UTC

Topic		Replies	Views
Change time zone using date filter Logstash	6	3950	March 15, 2023
Date filter plugin doesn't take the timezone into account when using ISO8601 Logstash	4	520	October 4, 2021
Timezone for date filter seems not working Logstash	2	2423	July 6, 2017
Unix_ms time to date Logstash	3	4255	March 20, 2020
Convert timestamps to UTC(UNIX) from PST,IST Logstash	9	2191	August 29, 2019

Can't change timezone when convert time from unixtime

Related topics