I recently installed Elastic Stack 7.8.1 on a CentOS machine. The problem I am facing is that whenever I export CSV through reporting, the time fields get subtracted by 5 hours in output file.
I faced this issue in previous versions installed on Windows server but was fixed when I set timezone in advanced settings to my city.
Now this is not working anymore. I checked online for similar issues and found out that machine's timezone also matters in some cases. My machine's timezone is also the same as I have set in advanced settings in Kibana but the CSV file exported still has the same issue.
What else am I missing?
The Kibana log timestamps are in UTC. There is an open issue to customize this so it shows the server's timezone - https://github.com/elastic/kibana/issues/8499 .
Changing dateFormat::tz in Advanced Settings will change what time is shown in the Kibana timepicker, on the client. Changing that shouldn't affect the timestamp that shows up in the logs, which is always in UTC.
My guess here is that the date formatter in the CSV export isn't converting your time (which is in seconds, as it's stored in Elasticsearch) correctly before trying to format the number into a date string (in Javascript, which expects milliseconds), and that's why you are seeing the wrong date/time.
copying @tsullivan @joelgriffith for more insights .
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.