Hello Again,
I am getting as actual data for the attribute(FILE_CREATION_DATE) as "2022-06-30 16:34:27" but when I see in the kibana table format; I can see the time has been added exactly two hours. Here is the data in kibana Table : FILE_CREATION_DATE Jun 30, 2022 @ 18:34:27.000.
timezone : "Europe/Stockholm"
In index template my custom format for the datetime field is : yyyy-MM-dd HH:mm:ss.
How can I get the actual time in kibana also? Is there anyhow I can mention in the Index template so that it should not added exactly 2 hours.
Regards,
RabBit_BR
June 30, 2022, 3:37pm
2
Hi @Pranjal_Sett
Change timezone here: Kibana > Management > Advanced Settings -> Timezone for date formatting
1 Like
Hi @RabBit_BR
Did that change but issue still persists.
stephenb
July 1, 2022, 5:59am
4
Hi @Pranjal_Sett
How are you ingesting your data?
Most likely the problem is that you're ingesting this FILE_CREATION_DATE date field without a time zone and so the default is to assume UTC timezone.
At ingestion time you should provide the time zone for that for that field then I think you'll see what you expect.
A date field in elastic is always stored as UTC and then displayed in Kibana in the local time zone (assuming default settings)
Pranjal_Sett:
yyyy-MM-dd HH:mm:ss
Hi @stephenb ,
In that case I have to write this logic in Logstash like below:
date {
remove the custom date format for FILE_CREATION_DATE from index template then delete the index and restart the logstash .. right?
stephenb
July 1, 2022, 2:19pm
6
That sounds about right.
You Could probably update the index template to have the new / correct date format If you wanted.
system
July 29, 2022, 2:19pm
7
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
