Filebeat local date wrong

Puk · July 31, 2017, 1:14am

Total newbie here trying to get ELK Stack working in a test environment first ahead of deploying. I've managed to get everything working fine, including Winlogbeat and metricbeat, but filebeat for my linux hosts is giving me issues.

I have it shipping logs (messages and secure) fine, but when I search them in Kibana the date is wrong in the region of -14hrs.

When I run filebeat -e -v "publish" I can see the timestamp there is incorrect so thats where it is going wrong but I don't know how to change it. My server timestamp itself is correct and the time/date is correct in the message section of the log, but the @timestamp is not.

Any ideas?

Puk · July 31, 2017, 3:25am

Fixed it. Removed the filebeat client and re-installed from the same RPM and its working fine now with the correct date. No idea why it went wrong the first time as nothing has changed.

system · August 28, 2017, 3:26am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat syslog with wrong @timestamp Beats filebeat	5	1443	October 8, 2019
Wrong Date Kibana elastic-stack-monitoring , elastic-stack-alerting	4	644	December 16, 2019
Filebeat incorrect timestamp Beats filebeat	3	1958	August 3, 2019
Wrong timestamp from metricbeat 6.3.0 Beats metricbeat	7	915	August 9, 2018
Filebeat Nginx error module @timestamp wrong in Kibana Beats filebeat	4	1459	July 4, 2018

Filebeat local date wrong

Related topics