Incorrect time in @timestamp field

d.silwon · April 15, 2022, 8:44am

Dears,

I have some odd problem with @timestamp field in my indices which include incorrect time i.e. minus two hours. Logstash should populate time to @timestamp from logs on the base of this:

if ("" in [hi.my_date]) {
  date {
  	match => ["hi.my_date", "YYYY-MM-dd'T'HH:mm:ss.SSS"]
  	timezonde => "Europe/Warsaw"
  	target => "@timestamp"
  }
}

What is wrong in my configuration? Is there anything I don't know about the @timestamp field?

Best Regards,
Dan

ylasri · April 15, 2022, 11:23am

@timestamp will be always stoted in UTC at Elasticsearch index level
What's the issue ?

d.silwon · April 15, 2022, 11:28am

@ylasri ok, it is clear now for me. I didn't know about it.
Where is it described in the Elasticsearch documentation? Could you give me some link to the Elasticsearch documentation which describe it, please? Thanks

ylasri · April 15, 2022, 11:41am

Check it here

d.silwon · April 15, 2022, 11:43am

@ylasri thanks a lot

system · May 13, 2022, 11:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
@timestamp always 8h exact more than the matching time? Logstash	3	420	July 6, 2017
Timezone with logstash Logstash	7	8337	December 8, 2016
Elastic @timestamp off by almost 3 years Elasticsearch	3	376	July 25, 2018
@timestamp Field Different In ElasticSearch from Index Elasticsearch	3	757	February 4, 2020
Logstash not applying correct system time to ingestion timestamp Logstash	4	375	July 12, 2023

Incorrect time in @timestamp field

Related topics