Formatting @timestamp in Canvas

bkleynbok · October 10, 2019, 6:06pm

In ELK Stack 7.3 using Kibana and Canvas.
So the issue I discovered in formatting @timestamp into a date time.
This is the original message :

{"@timestamp":"2019-10-08T16:35:14.455Z","hostname":"MYHost2","ip":"2.2.2.2","vm":"VM Desc 2","status":"UP","latency":"2ms"}

This is my Elastic Search output
{
"_index": "boris-topic",
"_type": "_doc",
"_id": "3wqosW0BN-pLbXvgd41G",
"_version": 1,
"_score": null,
"_source": {
"vm": "VM Desc 2",
"@timestamp": "2019-10-08T16:35:14.455Z",
"ip": "2.2.2.2",
"status": "UP",
"hostname": "MYHost2",
"@version": "1",
"latency": "2ms"
},
"fields": {
"@timestamp": [
"2019-10-08T16:35:14.455Z"
]
},
"sort": [
1570552514455
]
}

This is from Canvas:

filters
| essql
query="SELECT "@timestamp" as time, hostname FROM "boris-topic*"
where hostname is not null"
| mapColumn time fn={ getCell time | formatdate format="dddd, MMMM Do YYYY, hh:mm:ss" }
| table paginate=true showHeader=true
| render

The original field had "@timestamp": [
"2019-10-08T16:35:14.455Z"

This is in Kibana:

In Kibana the @timestamp is Oct 8, 2019 @ 12:35:14.455

The datetime on the canvas is wrong
Please help!

tylersmalley · October 10, 2019, 8:06pm

I believe you're running into a timezone issue, which is something being tracked here: https://github.com/elastic/kibana/issues/33959

bkleynbok · October 10, 2019, 8:17pm

I understand that @timestamp is in UTC format. When I set the dateFormat:tz as UTC I would see same format in both Discover Table and JSON.

In Canvas I am not able to change format to my timezone. I tried many ways however I can only see the UTC format.

bkleynbok · October 11, 2019, 6:36pm

Is there a workaround for this time format issue?

system · November 8, 2019, 6:36pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.