Hello,
I'm having ELK 5.6.2 with redis 4.0.2.My environment like below,
Filebeat (syslog) => Redis => Logstash =>ES =>Kibana
Both machines are synchronized with time but @timestamp and system.syslog.timestamp are mismatched.so that I get 5.30 hrs previous (UTC) data. My time zone is Asia/Kolkata (UTC+5.30).
Any suggestions?Thanks in advance.
I recommend using UTC as the timezone on all machines. Syslog does not include the timezone info in messages it logs which causes the problem. See Filebeat 'system' module assumes UTC in ingest pipeline · Issue #3898 · elastic/beats · GitHub
Thank you, Andrew Kroh,
My servers which are going to enable centralized log are configured in IST, so IST better for me. Let me try "https://github.com/elastic/beats/issues/3898" .
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.