Time difference in log times

rj23495 · December 2, 2019, 12:21pm

Hi, i have added a new time field for my log parser and there is a time difference of 2:30 in time that is recorded in ES and the log time. PFA.

grok { match => { "message" => "%{TIMESTAMP_ISO8601:time} \[%{DATA:pool}\] %{DATA:metric} %{DATA:metricname} %{DATA:datatype} %{NUMBER:metricvalue:float} %{GREEDYDATA:unit}" } }
date { match => [ "time" , "ISO8601", "yyyy-MM-dd HH:mm:ss.SSS" ]
                   target =>"time" }

Badger · December 2, 2019, 3:21pm

Timestamps in logstash and elasticsearch are always stored in UTC. The timezone option to the date filter is used to tell it what timezone the logs are in.

system · December 30, 2019, 3:21pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elasticsearch / logstash Log time shift Logstash	7	220	June 7, 2023
Difference in time between timestamp and @timestamp Logstash	5	2486	June 4, 2020
The time difference is nine hours Elasticsearch	2	371	August 2, 2018
Logstash date filter changing my time automatically Logstash	2	432	June 19, 2018
Timestamp not match Logstash	2	489	November 8, 2019

Time difference in log times

Related topics