Hi Experts,
We are trying to convert a field to a timefield but we are unable to get the correct data out of the following date filter:
date {
match => ["[data][START_TIME]","yyyy-MM-dd HH:mm:ss"]
target => "[data][START_TIME]"
}
Sample data: 2018-11-23 16:34:59
Expected Result in Kibana: November 23th 2018, 16:34:59.000
Actual Result in Kibana: November 24th 2018, 00:34:59.000
Any ideas about this? Thank you in advanced.
Regards,
Peter
Timestamps in Elasticsearch are always in UTC timezone, which I suspect will explain the offset.
Hi Christian,
Thanks for the response. We didn't change anything to the logstash config and to verify this, we just changed the settings on Kibana to UTC but still seems incorrect. Any ideas how to fix this?
Sample data: 2018-11-28 10:11:26
Expected Result in Kibana: November 28th 2018, 10:11:26.000
Actual Result in Kibana: November 28th 2018, 09:11:26.000
Get API Result: "2018-11-28T09:11:26.000Z",
Also, I've noticed that in our development environment this works fine with the same logstash configuration and same timezone settings in Kibana (UTC)
Sample data: 2018-11-23 16:34:59
Expected Result in Kibana: November 23th 2018, 16:34:59.000
Actual Result in Kibana: November 26th 2018, 16:34:59.000
Get API Result: "2018-11-26T16:34:59.000Z",
Regards,
Peter
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.