Kibana showing incorrect timestamp

Mustafa_NAJIB · October 13, 2021, 1:22pm

Hello,
When creating an index you must pay attention to the time field that you choose in the 2nd step you must choose the logdate, not the indexing time.

i have done a test with this log line in case you have to change only the timezone :

**2021-10-12T21:05:55.825681|aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa**

Filter :

filter {
  
    grok {
      match          => {
        "message"    => [
          "^%{TIMESTAMP_ISO8601:logdate}\|%{GREEDYDATA}",
          "%{GREEDYDATA:FAILPARSE}"
        ]
      }
    }
   
   date {
      match    => [ "logdate", "ISO8601", "yyyy-MM-dd HH:mm:ss.SSSSSS" ]
      timezone => "GMT"
      target   => "TIMESTAMP"
    }
  }

OUTPUT :

{
  "TIMESTAMP": "2021-10-12T21:05:55.825Z",
  "logdate": "2021-10-12T21:05:55.825681",
  "message": "2021-10-12T21:05:55.825681|aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
}

Topic		Replies	Views
Kibana displays wrong time Logstash	4	1011	May 14, 2020
Elasticsearch kibana time issue Kibana	3	1264	July 6, 2017
Kibana show wrong time compared to the time value indexed in Elasticsearch Kibana	4	5043	July 6, 2017
Time Filter not working in kibana 7.4 Kibana	7	2888	November 27, 2019
@timestamp field in Kibana is different from @timestamp field in index entry Kibana	5	13329	February 22, 2017

Kibana showing incorrect timestamp

Related topics