Filebeat parsing logs with timedate utc

dmrlixos · September 12, 2018, 5:33pm

Hi
I have running a server with filebeat to parse all linux centos log files.

My filebeat.yml be default:

filebeat.inputs:

type: log
enabled: true
paths:

/var/log/*.log
document_type: syslog

Output direct to elasticsearch:9200

Until here everything works fine, but I have a problem with @timestamp

Filebeat parse the log with timestamp UTC
We use here America/Sao_Paulo, the diference from UTC.

is possible to parse the logs with filebeat using timezone America/Sao_Paulo.
Actuality I have a delay of 3 hours to see the information parse logs.

Some can help me!
thanks

Carlos_Magalhaes · September 19, 2018, 8:27pm

I am having the same issue, trying to get it to parse with timezone GMT + 2 and I am getting - 18hours

dmrlixos · October 2, 2018, 1:00pm

Hi Carlos,

I resolv this in kibana, searching the template and put the timestamp format date directy in template.
Here for me resolv and works fine.

system · October 30, 2018, 1:01pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.