Howdy! So… Due to a failed upgrade with Graylog 4 and ELK 7, I’ve started over from scratch with those components, and I’m glad I did. I’m back up and running much quicker than I thought (mostly because I really use Grafana to display all the things I care about.
I have an issue with the timestamp field. I use Graylog GELF to import Apache2 Logs, and that creates a timestamp field automatically. When I look at the messages in Graylog, they look like this (which I believe is correct):
However, in my gradana instance, the timestamps are all shifted for some reason using the new Table panel.
I noticed that the old version of the table panel had correct timestamps, but these do not, and I don’t know why. The tables looked fine until I needed to re-arrange the fields, which meant that I needed to re-pick the Table visualization, and that messed up all the timestamps.