Timestamp entries in cet without time zone are displayed in Kibana as cet +1

jstricker · December 21, 2021, 2:06pm

I have several log files with different timestamp formats. A log file like this:

In the other file like this:

grafik

The timestampe entrys with and with out timezone specification.

With the following component template i format the timestampe.

grafik

The logentry with the timezone in the timestamp are displayd correctly.

grafik

But the logentry without the timezone are displyed one hour off

grafik

In kibana i have the following settings:

What should i have to do that the timestamp without the timezone are displayed corrrectly?

dosant · December 21, 2021, 2:54pm

Internally dates are stored in UTC. When date format contains a timezone Elasticsearch uses it to convert to UTC, but without a timezone it just assumes UTC.

I think you'll have to convert to a UTC timezone or specify your timezone during ingestion, as it won't be possible to fix on index mapping level.

Regarding Kibana advanced setting: this is just a UI formatting configuration. With it you can specify how you want to display dates in Kibana that are stored in UTC in Elasticsearch

system · January 18, 2022, 2:54pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Timezone UTC +00:00 getting converted on Kibana Display to +05:30 Kibana	4	4952	July 6, 2017
Kibana represents diferente datetime Kibana	5	381	August 16, 2018
Timestamp conversion Logstash	2	231	August 19, 2020
Recalculate times? Logstash	3	245	June 8, 2021
Date format in Elasticsearch Logstash	9	1251	December 16, 2021

Timestamp entries in cet without time zone are displayed in Kibana as cet +1

Related Topics