Hi
My wazuh manager timezone is -> Asia/Kolkata (IST, +0530)
My Elastic server timezone is -> Asia/Kolkata (IST, +0530)
In ossec log file logs are coming into this timezone .
In kibana.yml it sets as UTC
and in Kibana UI, Advances setting it sets as "Browser"
I have not using any date processor in filebeat configuration file .
I simply send the log from Filebeat to ELK .
But logs are coming late like 6 hours late in Kibana discover UI page.
Can you guys help with these problem?
Hi
Is the timestamp persisted in the records in Elasticsearch correct? Is it just displayed wrong in the Kibana UI? Which version of Kibana are you using? Did you try switching the "Browser" timezone to Asia/Kolkata?
Thx & Best,
Matthias
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.