I have written the date filter as follows
date {
match => ["timestamp","yyyy-MM-dd HH:mm:ss.SSSSSSSSS"]
target => "@timestamp"
timezone => "Asia/Kolkata"
}
timestamp : 2020-04-17 12:10:15.792310475
@timestamp : Apr 17, 2020 @ 06:40:15.792
I see that there is 5:30 hrs difference between the timestamps.
i tried changing the timezone but it didnt work.
It looks like it is doing what you want it to. There is a 5:30 hrs of time difference between UTC (which your timestamp probably represents) and ASIA/Kolkata.
date {
match => ["timestamp","yyyy-MM-dd HH:mm:ss.SSSSSSSSS"]
target => "@timestamp"
}
This is my original date filter. It gave me the above result.
So i tried setting the timezone to Asia/Kolkata.
But it gave me the same result
@timestamp is always in UTC, because elasticsearch always stores dates as UTC (kibana then translates them into the browser's timezone). The timezone option on the date filter is used to tell it what timezone the log file uses.
Okay. But i tried setting the timeszone but it gives me the same output
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.