Hi,
We have 2 servers set- one for Elasticsearch and the other for Kibana (ES version-7.5.1 and Kibana's version- 7.5.2 respectively). Both servers have their timezone set to IST. No filebeat or collector is being used anywhere.
A time index is created on ES namely "searchedOn" with date type and format yyyy-mm-dd:HH-mm-ss. As soon as search is placed on my application, information gets logged into ES perfectly.
On Kibana the data gets logged without any hassle(under normal dashboard). But when I try to add a filter to modify my search on the basis of " _id/phrase/searched By/searchedOn'' or anything, I get data under "Today's" filter and "1 weeks" filter only. For filters like " 15 minutes/30 minutes/1 hour/24 hours" I get an error saying "Expand your time range".
I have tried to inspect the dashboard data request and response. For Today/1 week filter the information I receive is :
searchedOn": {
"format": "strict_date_optional_time",
"gte": "2020-07-15T00:00:00.000Z",
"lte": "2020-07-15T23:59:59.999Z"
And for any other filter(24 hours/last 7 days etc) :
"searchedOn": {
"format": "strict_date_optional_time",
"gte": "2020-07-08T11:45:32.680Z",
"lte": "2020-07-15T11:45:32.680Z"
Even under normal dashboard(when no search filter is added to search data) the Inspect shows 2 different gte and lte values. For Today/1 week it shows current date time as per my Time Zone (Asia/Calcutta). But for other Time filters it shows the date time for -5:30 hrs.
Data getting logged is not incorrect but there is some loophole in Time zone because of which I am unable to identify my exact data count.
Any help would be highly appreciated.
Thanks in advance.