Hi Team
I want to match the timestamp with date from logs. But in kibana I see different time for timestamp and logdate. why is this happening and how to resolve this ?
Kibana data
Logstash.conf
Any suggestions would be helpful.
Thank you
Dates in elasticsearch are always stored as UTC. kibana will transform them into the local timezone. If the dates in your logfile are not UTC then use the timezone option on the date filter to tell logstash what timezone they are in.
1 Like
Got it. @Badger. Thank you
Also, In Kibana index patterns I'm seeing logdate type as string. Is that correct or it should be of type date as I'm applying date filter ?(please refer to above logstash.conf file)
The date filter does not modify the field it matches, it just modifies the target.
1 Like
I just realized instead of changing the timezone in logstash.conf file, we can change the settings in kibana.
Go to Kibana -> Stack Management -> Advanced Settings -> Timezone
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.