Es cant show the lastest message

hi
why elk7.0 cant show the latest message.
as the picture shows,the timestamp cant match the logs.
%E5%9B%BE%E7%89%87
system date is right.
How do I locate the problem?3ks

emmm no reply?

How are you indexing the data into Elasticsearch? Extracting log timestamp and storing it in a timestamp field is something you need to do before indexing the document.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.