Practical Logstash Usage Patterns for Timezone Handling, Log Parsing, and Multi-index Routing in ELK
Aligning Timestamps Across Time Zones
When Logstash ships data to Elasticsearch, the @timestamp field holds UTC time, which does not match the local time zone. A permanent fix is to adjust the timestamp in the filter stage.
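ruby {
  # The ruby filter exposes the current event as `event`.
  # Store @timestamp shifted by 28800 s (8 h) in a new field, local_ts.
  code => "event.set('local_ts', event.get('@timestamp').time.localtime + 28800)"
}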
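An added example in plain Ruby (not code from the original post) showing what the + 28800 shift does to the value: it produces a different instant, so ordering it against a source that kept true UTC rearranges the timeline. The `labelled` helper, the sample events and their names are assumptions made for illustration.

```ruby
require 'time'

OFFSET_SECONDS = 28_800 # the 8 h constant used in the filter above

# What the filter computes: a new instant 8 h later than the original.
def shifted(ts)
  ts.getutc + OFFSET_SECONDS
end

# Alternative (assumption, not from the page): keep the instant and
# render it with an explicit UTC offset instead.
def labelled(ts, offset = '+08:00')
  ts.getlocal(offset)
end

# Order event names by the instant stored for each [name, time] pair.
def timeline(events)
  events.sort_by { |_, t| t }.map(&:first)
end

# Constructed sample events, both given as true UTC instants.
LOGIN_UTC = Time.utc(2026, 5, 13, 4, 44, 46)
ALERT_UTC = Time.utc(2026, 5, 13, 5, 0, 0)

if __FILE__ == $PROGRAM_NAME
  s = shifted(LOGIN_UTC)
  l = labelled(LOGIN_UTC)
  puts "original : #{LOGIN_UTC.iso8601}"
  puts "shifted  : #{s.iso8601} (#{(s - LOGIN_UTC).to_i} s off)"
  puts "labelled : #{l.iso8601} (#{(l - LOGIN_UTC).to_i} s off)"
  # The login really happened before the alert.
  puts "shifted order : #{timeline([['login', s], ['alert', ALERT_UTC]])}"
  puts "labelled order: #{timeline([['login', l], ['alert', ALERT_UTC]])}"
end
```

Keep @timestamp as the field used for cross-source correlation and treat a shifted copy such as local_ts as display-only.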
r ...
Posted on Wed, 13 May 2026 04:44:46 +0000 by Delcypher