I did check the output of logstash and the time is correct …
What, exactly, do you mean by that?
tried to modify the max_bulk_size same problem
Why would changing that option help?
is there a way to delete the @timestamp send by filebeat in logstash
and add the actual time of the elk server
The date filter does exactly that but it's possible that you've misconfigured it.
Are you sending the events to Logstash for processing or is Filebeat sending directly to ES? Show the configuration of both Filebeat and Logstash and post an example event from Elasticsearch (e.g. by copying/pasting from Kibana's JSON tab).