How to use Kibana to display the localtime for dashlets?

sudhakar_katakara · February 15, 2019, 8:27pm

We are inserting each record in elasticSearch index(test_elastalert1) with having two time fields(from python code) as below

"time" : datetime.utcnow().isoformat()+'Z',

"local_time" : datetime.now()

Below are the corresponding values for record in index,test_elastalert1:

"local_time":"2019-02-15T13:36:43.248000",

"time":"2019-02-15T19:36:43.248000Z"

We have inserted multiple records in index and able to see the total count when I run match_all DSL query. But the count is not getting displayed correctly when I search last one hr. whereas if I select last 12hrs the data is displaying with local time stamp. I tried with local_time and time in “date Histogram” .

Marius_Dragomir · February 22, 2019, 9:15am

Kibana uses the Browser timezone by default when displaying documents and working with time. You can set it in the Advanced settings and then you can check again your queries to see if it works as you want it then.

Christian_Dahlqvist · February 22, 2019, 9:21am

Elasticsearch and Kibana assumes/requires all timestamps stored to be in UTC timezone. If you are storing fields in a different timezone you are therefore see data offset.

system · March 22, 2019, 9:21am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.