Logstash Date and Kibana Issues

wwalker · July 30, 2019, 4:31am

Not really sure where this goes but it isn't getting any bites in the Logstash forums so...

I have a field that tracks when a ticket was created, sys_created_on. The time is in local timezone, -05:00 currently. I have the following logstash config:

  date {
    match => [ "sys_created_on", "yyyy-MM-dd HH:mm:ss" ]
    timezone => "America/Chicago"
  }

In Kibana, I am using the @timestamp field as the time field. When events come up in Kibana, they show a time that is five hours in the future. When I look at the JSON data, it is showing a timestamp 10 hours in the future. What the hell am I doing wrong??

Aaron_Caldwell · July 30, 2019, 3:46pm

Hello,

I do think this belongs in the Logstash forum so I'll move it back over, but I did find this similar issue which may help!

Regards,
Aaron

Badger · July 30, 2019, 3:53pm

Is sys_created_on a string? Also, what does your input look like? I am wondering if you are fetching from a DB and the input is doing the conversion to the local timezone or something like that.

wwalker · July 30, 2019, 4:14pm

http_poller pulls from an API endpoint that delivers the data in a json formatted document. The value is a string in the json and is local time.

system · August 27, 2019, 4:14pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Date Filter Woes Logstash	2	243	August 27, 2019
Timezone issue with logstash date filter plugin Logstash	4	1559	June 27, 2020
Problems with date fields Kibana	6	550	March 12, 2018
Issues with dates/times that don't have a timezone (Logstash/Kibana) Logstash	8	5174	December 20, 2016
Kibana Timezone settings Logstash	5	11955	February 16, 2017

Logstash Date and Kibana Issues

Related topics