Hello,
I faced an issue that when I send the data from the data source to logstash and elastic the data reach Kibana with a specific time but when Kibana display the records the time on it is delayed for 7 minutes as below in the picture:
the first time is the time provided by Kibana and the second time is the time provided by the source of the data
any solution for this problem?
That difference comes from any processing done in Logstash and indexing done in Elasticsearch. If you want to keep the timestamp from the data to query on, I would suggest copying the timestamp at ingest time in Logstash to a new field and use that as the default time field for your Data View.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
