Ingest Pipeline - Date Processor Timezone

Hello,

I'm trying to configure an ingest pipeline using Kibana. I'm ingesting data into Elasticsearch using filebeat and this pipeline. Among other fields, I'm ingesting the document's timestamp. To "parse" the date from the input into Elasticsearch I'm using the Date processor. I want to specify that the timestamp that I'm ingesting is not in UTC but in my server's local timezone.

How can I configure the processor to use my local timezone?

Best regards,

You need to use the timezone option as described in the documentation.

Thank you for your answer. I understand that I have to configure the timezone option. However, I'm not sure of the option that I should specify to set the timezone to 'local' or 'browser'.

The timezone in the date processor should be set to the timezone of your log, which is using your server's local timezone, as you said.

So you need to get the name of the timezone that your server is in and put this in the timezone option in the date processor.

For example, if the timestamps in the log messages are in the New York timezone, you would use America/New_York in the date processor.

Thanks.

I set my timezone manually and it worked. I wanted to know if this timezone could be automatically set based on my server. As far as I understand (from your answer) it is not possible.

However, this is the solution. Thanks again.

What are you using to ship the logs to Elasticsearch?

Filebeat or Elastic Agent should do this for you, assuming your server has the correct timezone.

I'm using Filebeat.

So check the timezone of the server. Filebeat uses the timezone of the server when it ships logs; it does convert that to UTC.

So you can test this by adding the locale:

processors:
  - add_locale: ~

And then run it and look at the output and check to see if it is accurate.

Example:

{"@timestamp":"2023-04-06T15:46:19.877Z","@metadata":{"beat":"filebeat","type":"_doc","version":"8.6.2"},"event":{"timezone":"-07:00"} ....
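
The two suggestions in this thread can be combined, shown here as an added example that is not from any of the posters: the date processor's `timezone` option accepts a template, so it can read the offset that `add_locale` wrote to `event.timezone`, with a fixed zone name as a fallback. This is a request body for `POST _ingest/pipeline/_simulate`; the field name `log_time`, its format and the two sample documents are constructed assumptions.

```json
{
  "pipeline": {
    "description": "Added example, not from the thread: parse a local-time field using the offset add_locale stored in event.timezone",
    "processors": [
      {
        "date": {
          "if": "ctx.event?.timezone != null",
          "field": "log_time",
          "formats": ["yyyy-MM-dd HH:mm:ss"],
          "timezone": "{{{event.timezone}}}",
          "target_field": "@timestamp"
        }
      },
      {
        "date": {
          "if": "ctx.event?.timezone == null",
          "field": "log_time",
          "formats": ["yyyy-MM-dd HH:mm:ss"],
          "timezone": "America/New_York",
          "target_field": "@timestamp"
        }
      }
    ]
  },
  "docs": [
    { "_source": { "log_time": "2023-04-06 08:46:19", "event": { "timezone": "-07:00" } } },
    { "_source": { "log_time": "2023-04-06 08:46:19" } }
  ]
}
```

The first document should come back with `@timestamp` at 15:46:19 UTC (offset -07:00 applied) and the second at 12:46:19 UTC (New York daylight time), which makes a wrong or missing timezone easy to spot before real logs are indexed.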
