Logstash-output-syslog incorrect time

bambam · June 21, 2021, 2:57pm

I'm having an issue with using the logstash-output-syslog plugin. The syslog message header is showing a timestamp for UTC and not the timezone for where I'm located. Can someone provide some input on how to change the time so it's displayed in the correct timezone which is +04.

Below is my current logstash-output config

output {
syslog {
host => "server-ip"
severity => "debug"
protocol => "udp"
port => 5000
codec => json
}
}

Below is my input

input {
beats {
port => 5044
client_inactivity_timeout => 1200
}
}

filter {

if [winlog][api] == "wineventlog" {

grok { 
	match => { "message" => "(?<message>.*?)\n" }
	overwrite => ["message"] }	

    mutate { replace => [ "Message", "%{message}" ] }
    mutate { replace => [ "Hostname", "%{[host][name]}" ] }
    mutate { replace => [ "Severity", "%{[log][level]}" ] }
mutate { copy => [ "[@metadata][ip_address]", "[host]" ] }

}

}

system · July 19, 2021, 2:57pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash-output-syslog plugin with different timezone Logstash	2	489	May 3, 2022
Syslog output timezone not maintained like file output Logstash	1	928	July 6, 2017
Logstash Syslog @timestamp incorrect Logstash	9	1930	March 5, 2019
Logstash not applying correct system time to ingestion timestamp Logstash	4	378	July 12, 2023
Different Timezones in syslog for some hosts Logstash	1	242	June 23, 2022

Logstash-output-syslog incorrect time

Related topics