Incorrect time in @timestamp field

d.silwon · April 15, 2022, 8:44am

Dears,

I have some odd problem with @timestamp field in my indices which include incorrect time i.e. minus two hours. Logstash should populate time to @timestamp from logs on the base of this:

if ("" in [hi.my_date]) {
  date {
  	match => ["hi.my_date", "YYYY-MM-dd'T'HH:mm:ss.SSS"]
  	timezonde => "Europe/Warsaw"
  	target => "@timestamp"
  }
}

What is wrong in my configuration? Is there anything I don't know about the @timestamp field?

Best Regards,
Dan

ylasri · April 15, 2022, 11:23am

@timestamp will be always stoted in UTC at Elasticsearch index level
What's the issue ?

d.silwon · April 15, 2022, 11:28am

@ylasri ok, it is clear now for me. I didn't know about it.
Where is it described in the Elasticsearch documentation? Could you give me some link to the Elasticsearch documentation which describe it, please? Thanks

ylasri · April 15, 2022, 11:41am

Check it here

d.silwon · April 15, 2022, 11:43am

@ylasri thanks a lot

Topic		Replies	Views
Elastic @timestamp off by almost 3 years Elasticsearch	3	413	July 25, 2018
ELK stack - @timestamp issue Logstash	2	432	August 9, 2020
Problem with @timestamp Elasticsearch	7	412	July 16, 2020
@timestamp Date Formatter in Elastic Search 1.1.1 .. Logstash 1.4.2 Elasticsearch	1	375	July 6, 2017
Timezone with logstash Logstash	7	8448	December 8, 2016

Incorrect time in @timestamp field

Related topics