Date formatting yyyy.MM.dd

VeeT · October 9, 2020, 3:26pm

I have a Date input in yyyy.MM.dd format but is getting converted to yyyy.MM.dd HH:mm:ss.ZZZ with the time getting set to "20:00:00.000".

For example, the Date in put is "2020.10.09" but it's getting displayed in Kibana as "Oct 8, 2020 @ 20:00:00.000".

I have the following index mapping for Date:
"Date" : {
"type" : "date",
"ignore_malformed" : false,
"format" : "yyyy.MM.dd||strict_date_optional_time||epoch_millis"
},

We are using ELK 7.6.

How do I keep the date as yyyy.MM.dd in Elasticsearch?

Thanks!
Vee

aaron-nimocks · October 9, 2020, 4:22pm

Not sure where you are seeing the date or how you are looking to use it, but try adjusting the advanced settings and if that gives you what you are looking for.

VeeT · October 9, 2020, 5:16pm

Hi Aaron,
The conversion is happening in Elasticsearch, but I'm viewing in Kibana.

This is the input Date that was sent to Logstash:

This is the output Date that was parsed to display in Kibana:

The goal is to either display Oct 9, 2020 or Oct 9, 2020 00:00:00.000 since there was no time sent as input.

Thanks!
Vee

amorrow · October 9, 2020, 7:26pm

My guess is the date field in the Elasticsearch entry is 2020.10.09 00:00:00.000 UTC. Kibana uses the timezone of your browser to convert the UTC time to your local time. 2020.10.09 00:00:00.000 UTC is 20:00:00 in Easter Daylight time.

Pipelines can set the timezeone for a date field during ingestion. Check out the examples at https://www.elastic.co/guide/en/elasticsearch/reference/current/date-processor.html. When processed the UTC timestamp is offset based on the selected timezone.

VeeT · October 13, 2020, 4:48pm

Thanks Tony.

Do you know if it's possible to just get the date as an input without the timestamp?

amorrow · October 13, 2020, 5:53pm

I do not. I've only worked with logs that contain date-time values. How are you taking your event and breaking it apart to get the date field? Both Logstash and Beats can be used to add a timezone to a date from the event. Maybe you can it there.
Logstash: https://www.elastic.co/guide/en/logstash/current/plugins-filters-date.html#plugins-filters-date-timezone
example:

filter {
    date {
        timezone => "America/New_York"
        match => ["date", "yyyy.MM.dd" ]
    }
}

Filebeat: https://www.elastic.co/guide/en/beats/filebeat/current/add-locale.html

VeeT · October 16, 2020, 3:26pm

Thanks Tony. The data is sent to us with a format of yyyy.MM.dd.

system · November 13, 2020, 3:26pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Date format in Elasticsearch Logstash	9	1255	December 16, 2021
Date times SQL and output differents values Logstash	12	1646	March 2, 2020
Date field display issue in Kibana Kibana	8	1098	September 1, 2017
Kibana converts any date and month to a specific date and month Kibana	4	671	June 10, 2021
Display date without time in Elasticsearch Kibana	6	2303	December 14, 2020

Date formatting yyyy.MM.dd

Related topics