Had one more thought. Are you using the same time field in Timelion and in your index pattern? I see you're using STOPTIME in your index pattern. By default timelion will use @timestamp. The default can be changed in Kibana's advanced settings or overridden by setting it in the .es() function.
If that isn't the problem, I'm out of ideas without seeing the actual queries being sent to ES. If you're having trouble updating the Kibana config, you could also try adjusting Elasticsearch's slowlog setting. If you set the threshold to 0 you should be able to see every query Elasticsearch receives. Obviously this is something you'd only want to enable temporarily while debugging.