Help with Timezone issues with elasticsearch daily index

adilias3 · May 28, 2020, 6:39am

Hello,

I’m using Docker filebeat to store direct to Docker Elasticsearch (not via logstash). It’s working and I can see data being received in Kibana.

I am in timezone UTC+09

When the elasticsearch index is created, it is in the format filebeat-YYY.MM.DD - but in UTC

When I attempt to add the data source in Grafana, it can’t find today’s index filebeat-2020.05.28 - because in UTC, the date is still 2020.05.27 - the index filebeat-2020.05.27 exists.

Index filebeat-2020.05.28 won’t get created till 9 hours later

I have tried adding the timezone to my Docker containers, date returns correctly…

docker exec filebeat date
Thu May 28 13:36:39 JST 2020

docker exec elk date
Thu May 28 13:36:39 JST 2020

But the issue persists, Elasticsearcn indexes are in UTC - Grafana looks up indexes by browser local time.

jangaraj · May 28, 2020, 6:55am

All data and Grafana queries are in UTC. Grafana just “moves” data to dashboard timezone only in your local browser. So you don’t need anything special.

adilias3 · May 28, 2020, 7:01am

It’s gotta be something between filebeat and elasticsearch, we are will into 2020.05.28 (even in UTC) now, but all the records in elasticsearch are still in the 2020.05.27 index.

My data coming via logstash is ok - but coming from filebeat direct to elasticsearch the index is from yesterday

Topic		Replies	Views
Requests to resolve timezone problems with Grafana and elasticsearch Elasticsearch	2	2152	April 11, 2020
Elasticsearch timestamp in UTC but Grafana is interpreting it as EST Elasticsearch	1	1993	March 5, 2020
Timezone problems with Grafana and elasticsearch Grafana	4	2676	September 1, 2020
Date from elastic search is reflecting with some time shift,	2	797	December 1, 2020
Elasticsearch UTC timestamps are displayed incorrectly by Grafana Elasticsearch timestamp , graphing	6	2778	June 9, 2023

Help with Timezone issues with elasticsearch daily index

Related topics