I'm monitoring different logs such Squid, Apache, Nginx, Secure and Message syslogs, Postfix and Dovecot.
When the Squid, Apache and Nginx logs arrive the @timestamp time is the same of my PC and Servers times. Otherwise, when syslogs, postfix and Dovecot arrives, the @timestamp have 2 hours diff and in the graphic appear as "future logs".
I search in the forum but not found nothing similar...
No, I want @timestamp to have the real system time... Now is adding 2 hours to the system time, but only on these logs... in Apache @timestamp have the correct system time.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.