Replace @timestamp with SYSLOGTIMESTAMP

If you are on UTC+2, then Kibana is correctly converting the time from UTC to your local timezone; I don't think anything needs to be changed here.

For example, if you have an event that was logged using the Amsterdam timezone and you correctly informed the date filter about it so the event could be converted to UTC, but you are also using Kibana in a third, different timezone, which is UTC+2, you will have this:

  • Original timestamp: Feb 7 15:37:45
  • UTC timestamp: Feb 7 14:37:45
  • Kibana timestamp: Feb 7 16:37:45

Those are all the same time, so I'm not sure what you want to change here.

All your times are already correct as mentioned before.

15:37 (UTC +1) = 14:37 (UTC) = 16:37 (UTC+2).

If you subtract one hour from the original log and still use the timezone as Amsterdam, you are basically saying that your event happened one hour earlier.

I strongly recommend against changing the original log by subtracting or adding times, as this can lead to inconsistency with other log sources and also some confusion for people using Kibana.

If you want Kibana to show the field syslog_timestamp also converted to UTC, you will need to map this field as a date field.

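The three clocks from the reply above, worked through in Python as an added illustration (not code from the reply or from Logstash): a year-less syslog timestamp is parsed, labelled Europe/Amsterdam the way the date filter's `timezone` option would, and rendered in UTC and for a UTC+2 Kibana user; it also shows why subtracting a fixed hour from the log goes wrong, since Amsterdam is UTC+1 in February but UTC+2 in July. The year 2023 is a constructed value, because syslog timestamps carry none.

```python
from datetime import datetime, timedelta, timezone
from zoneinfo import ZoneInfo

# Zones from the post: the log source is in Amsterdam, the Kibana user is on UTC+2.
AMSTERDAM = ZoneInfo("Europe/Amsterdam")
KIBANA_TZ = timezone(timedelta(hours=2))


def parse_syslog_timestamp(text: str, year: int, zone=AMSTERDAM) -> datetime:
    """Parse a SYSLOGTIMESTAMP such as 'Feb 7 15:37:45' or 'Feb  7 15:37:45'.

    Syslog timestamps carry neither a year nor a zone, so the caller supplies
    both, just as the Logstash date filter needs its `timezone` option.
    (year is a constructed value here; real syslog has no year field.)
    """
    naive = datetime.strptime(f"{year} {' '.join(text.split())}", "%Y %b %d %H:%M:%S")
    return naive.replace(tzinfo=zone)

def as_syslog(dt: datetime) -> str:
    """Render a datetime back in syslog style (day without zero padding)."""
    return f"{dt:%b} {dt.day} {dt:%H:%M:%S}"

def renderings(text: str, year: int) -> dict:
    """The three clocks from the post for one event: original, UTC, Kibana."""
    event = parse_syslog_timestamp(text, year)
    return {
        "original": as_syslog(event),
        "utc": as_syslog(event.astimezone(timezone.utc)),
        "kibana": as_syslog(event.astimezone(KIBANA_TZ)),
    }

def amsterdam_offset_hours(text: str, year: int) -> int:
    """Amsterdam's UTC offset at the moment of the event (1 in winter, 2 in summer)."""
    event = parse_syslog_timestamp(text, year)
    return int(event.utcoffset().total_seconds() // 3600)

def error_from_manual_shift(text: str, year: int, hours: int = 1) -> int:
    """Seconds by which the event moves if someone subtracts `hours` from the
    wall-clock time in the log and still tells the date filter it is Amsterdam
    time, which is the edit the reply argues against."""
    true_event = parse_syslog_timestamp(text, year)
    shifted = parse_syslog_timestamp(as_syslog(true_event - timedelta(hours=hours)), year)
    return int((true_event - shifted).total_seconds())

if __name__ == "__main__":
    print(renderings("Feb 7 15:37:45", 2023))
    print("Amsterdam offset in July:", amsterdam_offset_hours("Jul 7 15:37:45", 2023))
    print("Manual shift moves the event by", error_from_manual_shift("Feb 7 15:37:45", 2023), "s")
```

Because the July offset differs from the February one, a hard-coded "minus one hour" would be wrong for half the year, which is the inconsistency the reply warns about.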