Es cant show the lastest message

why elk7.0 cant show the latest message.
as the picture shows,the timestamp cant match the logs.
system date is right.
How do I locate the problem?3ks

emmm no reply?

How are you indexing the data into Elasticsearch? Extracting log timestamp and storing it in a timestamp field is something you need to do before indexing the document.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.