Guys really sorry if this is a repeat Question. I have searched and read almost all the posts on timezone and iis. but i m not able to fix my issue. I guess i m overthinking 
so here is my setup.
windows filebeat sending IIS logs-- logstash -- elastic server.
issue is IIS logs are in UTC . I want them to show up in kibana in CST. so after reading tons of posts this is what i tried .
on filebeat in filebeat.yml i have added
processors:
- add_locale:
format: offset
in logstash i have tried 3 options of timezone one by one and none works.
date {
timezone => "-05:00"
# timezone => "US/Central"
# timezone => "America/Chicago"
match => ["log_timestamp", "YYYY-MM-dd HH:mm:ss", "ISO8601"]
target => "@timestamp"
}
so IIS log has
2019-08-13 03:31:37 XX.X.XXX.XX GET
in logstash file out put it shows as 2019-08-13 03:31:37 and @timestamp is of course 2019-08-13 03:31:37.
I want data to be ingested in my elastic as 2019-08-13 03:31:37 -05:00 i.e 2019-08-12 22:31:37.
what am i missing ?