Hello,
My filebeat (data Server ) is in IST Zone and my Elastic timezone is also IST.
When i am parsing the logs .
according to my use case I provided dynamic mapping to my index and my dynamic mapping is
PUT /requestme
{
"settings" : {
"index" : {
"number_of_shards" : 2,
"number_of_replicas" : 0
}
},
"mappings": {
"doc": {
"date_detection": true,
"properties": {
"created": { "type": "date",
"format": "yyyy-MM-dd HH:mm:ss||yyyy-MM-dd||epoch_millis"
}
},
"dynamic_templates": [
{
"integers": {
"match_mapping_type": "long",
"mapping": {
"type": "integer"
}
}
},
{
"strings": {
"match_mapping_type": "string",
"mapping": {
"type": "keyword"
}
}
}
]
}
}
}
and according to my use case I am having a received field in my logs and I renamed it to a created field and mapped to @timestamp field in logstash
date {
match => [ "created", "yyyy-MM-dd HH:mm:ss" ]
timezone => "UTC"
target => "@timestamp"
}
Now I am getting different time for the same log in Kibana as a JSON and as a table
Please find the screenshot below for both
as you can see that JSON time for the created and @timestamp in JSON is different as compared to table in both screenshot and I in JSON the created field time is the real time of the log.
Please help me to clear the doubt and solve this issue
