Timestamp entries in cet without time zone are displayed in Kibana as cet +1

I have several log files with different timestamp formats. A log file like this:

grafik1053×83 41 KB

In the other file like this:

The timestampe entrys with and with out timezone specification.

With the following component template i format the timestampe.

The logentry with the timezone in the timestamp are displayd correctly.

But the logentry without the timezone are displyed one hour off

In kibana i have the following settings:

grafik1588×242 26.9 KB

What should i have to do that the timestamp without the timezone are displayed corrrectly?

Internally dates are stored in UTC. When date format contains a timezone Elasticsearch uses it to convert to UTC, but without a timezone it just assumes UTC.

I think you'll have to convert to a UTC timezone or specify your timezone during ingestion, as it won't be possible to fix on index mapping level.

Regarding Kibana advanced setting: this is just a UI formatting configuration. With it you can specify how you want to display dates in Kibana that are stored in UTC in Elasticsearch

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.