Timestamp conversion

ishank · July 22, 2020, 5:47am

Hi

The data in my csv file is having the timestamp in format:

2019-04-11   12:00 AM

(There are 3 spaces between the date & time)

My logstash configuration for same:

filter{
date {
        match => ["Time", "yyyy-MM-dd   hh:mm a" ]
        target => "@timestamp"
      }
}

This works fine and I get the @timestamp in elasticsearch . But when I see the data in elasticsearch or kibana, I think it is picking up UTC time automatically.
For example, the event happened at 2019-04-11 12:00 AM, in Elasticsearch, it is shown as Apr 10, 2019 @ 18:30:00.000.

Please help.

Badger · July 22, 2020, 5:37pm

elasticsearch always stores date/time as UTC. By default kibana transforms those to the browser's timezone.

If your log files are not in UTC then use the timezone option of the date filter to tell it what timezone they are in.

system · August 19, 2020, 5:37pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash date filter changing my time automatically Logstash	2	432	June 19, 2018
Logstash converting date / Time in correctly Logstash	2	341	December 31, 2019
Timestamp not match Logstash	2	489	November 8, 2019
Logstash Date Filter Inquiry Logstash	3	303	December 26, 2018
Difference in time between timestamp and @timestamp Logstash	5	2486	June 4, 2020

Timestamp conversion

Related topics