It seems the Kibana clock time setting is different from Elasticsearch, so when I posted index into Elasticsearch, I can see that immediately from Elasticsearch, but can't see it with Kibana "Discover" if I set time interval to "last 15 mins" or "last hour". If I change time interval to "last 24 hours" or "Today" I can see it.
I saw some suggestion to use advanced setting to change clock time from "Browser" to "UTC", but it didn't work for me. Please help.
I would first check the clock time on the servers which elasticsearch nodes are installed. If you are using Linux you can check with date command.
All timestamps in documents indexed into Elasticsearch must be in UTC timezone. If your data does not adhere to this it could explain what you are seeing. Kibana will automatically adjust for the local timezone and change this to UTC in the underlying query. Changing Kibana to assume UTC timezone removes this timezone translation.
Which timezone are you in? What does a document you expect to find in this 15 minute interval look like? What is the local and UTC time when you run the query?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.