@Bargs I am pretty sure I am sending America/Chicago timezone to Elasticsearch. How would I confirm that? Would that be in the output section on the Logstash config?
The min and max datetime in the _field_stats are correct (or at least match the filter I am setting in Kibana). I don't know how to confirm that the indices are there. How would I go about that? I see this in the Response tab (in the devtools):
_shards: Object
total:85
successful:85
failed: 0
indices: Object (this has an arrow, that you can expand but nothing is listed under this object)
Not real sure how to query Elasticsearch with the same date range. I was able to to query it with this and it pulled up some results.
localhost:9200/logstash-2016.03.11/_search?q=@timestamp:*&pretty=true
One thing I noticed was the "z" at the end of the timestamp. Is that normal. Here's what Elasticsearch is showing
"@timestamp" : "2016-03-11T15:57:27.000Z"
Thanks again for the help.