Difference in time between timestamp and @timestamp

Hari_Krishna · May 7, 2020, 5:50am

I have written the date filter as follows

date {
        match => ["timestamp","yyyy-MM-dd HH:mm:ss.SSSSSSSSS"]
        target => "@timestamp"
        timezone => "Asia/Kolkata"
     }

timestamp : 2020-04-17 12:10:15.792310475
@timestamp : Apr 17, 2020 @ 06:40:15.792

I see that there is 5:30 hrs difference between the timestamps.
i tried changing the timezone but it didnt work.

Rahul_Kumar4 · May 7, 2020, 10:39am

It looks like it is doing what you want it to. There is a 5:30 hrs of time difference between UTC (which your timestamp probably represents) and ASIA/Kolkata.

Hari_Krishna · May 7, 2020, 10:52am

date {
        match => ["timestamp","yyyy-MM-dd HH:mm:ss.SSSSSSSSS"]
        target => "@timestamp"
     }

This is my original date filter. It gave me the above result.
So i tried setting the timezone to Asia/Kolkata.
But it gave me the same result

Badger · May 7, 2020, 4:01pm

@timestamp is always in UTC, because elasticsearch always stores dates as UTC (kibana then translates them into the browser's timezone). The timezone option on the date filter is used to tell it what timezone the log file uses.

Hari_Krishna · May 7, 2020, 4:04pm

Okay. But i tried setting the timeszone but it gives me the same output

system · June 4, 2020, 4:04pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How can I change the @timestamp match my timestamp? Logstash	3	737	July 6, 2017
Logstash filter date Logstash	3	283	November 11, 2018
Logstash date filter match timestamp issue Logstash	6	435	August 13, 2020
Timestamp not match Logstash	2	489	November 8, 2019
Logstash date filter changing my time automatically Logstash	2	432	June 19, 2018

Difference in time between timestamp and @timestamp

Related topics