Timestamp conversion

Elastic Stack Logstash
1

Hi

The data in my csv file is having the timestamp in format:

2019-04-11   12:00 AM

(There are 3 spaces between the date & time)

My logstash configuration for same:

filter{
date {
        match => ["Time", "yyyy-MM-dd   hh:mm a" ]
        target => "@timestamp"
      }
}

This works fine and I get the @timestamp in elasticsearch . But when I see the data in elasticsearch or kibana, I think it is picking up UTC time automatically.
For example, the event happened at 2019-04-11 12:00 AM, in Elasticsearch, it is shown as Apr 10, 2019 @ 18:30:00.000.

Please help.

2

elasticsearch always stores date/time as UTC. By default kibana transforms those to the browser's timezone.

If your log files are not in UTC then use the timezone option of the date filter to tell it what timezone they are in.

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.