I am trying to add the logstash ingest time to my logs and facing the issues where Kibana display the time with 7 hours off. Example see below:
Current time at my location is 10/15/2018 14:03
This is what Kibana shows:
This is the time in the JSON tab of the document
"fields": {
"logstash_time": [
"2018-10-15T14:03:51.000Z"
],
"@timestamp": [
"2018-10-15T19:03:49.654Z"
],
"@ingest_Time": [
"2018-10-15T14:03:51.000Z"
]
},
Expected results:
"fields": {
"logstash_time": [
"2018-10-15T19:03:51.000Z"
],
"@timestamp": [
"2018-10-15T19:03:49.654Z"
],
"@ingest_Time": [
"2018-10-19T14:03:51.000Z"
]
},
My Logstash code for this :
ruby {
code => "event.set('logstash_time' , Time.now.strftime('%FT%TZ'))"
}
date {
match => [ "logstash_time", "ISO8601"]
timezone => "America/Chicago"
target => "@ingest_Time"
}
How can I remove the 7 hours difference? I tried changing format in the kibana setting--> advanced setting --> dateFormat:tz with no luck
As you can see that I use Date timezone filter and it doesnt work as well.
I think a line of ruby code might fix it but I have no idea how. Please help!