I am new to using the ELK stack and am running into the following problem.
I have a CSV file with the following format:
"string1" , "string2" , "string3" , "2016-06-26" , "string4"
My mapping in Elasticsearch creates properties for strings 1, 2, 3 and 4 of type string and a property of type date with the following format: yyyy-MM-dd
My date filter looks like this:
date {
  match => ["Timestamp", "yyyy-MM-dd"]
  target => "@timestamp"
}
So far all is good.
I can see in Kibana that @timestamp is as expected (same as Timestamp).
However, I can't seem to get the following sorted out:
(1) My date is off by one. For example, if my date string in my CSV file is 2016-06-26, it shows up as 2016-06-25 in Elasticsearch/Kibana.
(2) The timepicker in Kibana doesn't work. Even assuming dates off by one, if I filter for records between 1 May 2016 and 31 May 2016, I would have expected it to show something. But this filtering does not work.
- Note that I am able to build visualizations and dashboards, and all the records get indexed.
Any help highly appreciated.