I'm transferring our local ELK netflow processing to the cloud (not elastic cloud).
Netflow data is coming into Discover in real-time, and timestamped correctly in the @timestamp field.
However, the "current time" in my timelion graph seems to be off by an hour. If I do a 'last 15 minutes' query on a dashboard, all my visualisations update correctly, but the timelion ones will think it's CurrentTime-1hr and display an X-Axis showing a 15min window back from there.
In my local setup, I've not had to add timefield="@timestamp" to my timelion queries, they just work. I'd rather not do it on the hosted setup until I know why this issue is occurring.
If it helps, my cloud servers and local web browsers that are accessing Kibana are all set to UTC +1 timezones; it seems timelion could be stuck on UTC? Is that possible?
Does anyone have any ideas?
Thanks