Edit
Opensearch increases the timestamp of the logs by one hour. It must somehow assume that the logs come from the UTC time zone. How do I change this behaviour?
2023-02-02 12:47:27,897 [INFO]: <log> becomes 2023-02-02 13:47:27,897 [INFO]: <log>
Asked
Active
Viewed 782 times
0
naraghi
- 430
- 1
- 6
- 18
1 Answers
0
From the official documentation:
Internally, dates are converted to UTC (if the time-zone is specified) and stored as a long number representing milliseconds-since-the-epoch. Reference: https://www.elastic.co/guide/en/elasticsearch/reference/current/date.html
You can't change this behavior, but when you search the data you will see the correct time according to your browser time. Or you can specify the time zone during the search. For example:
GET _search
{
"query": {
"range": {
"timestamp": {
"gte": "2023-02-02 12:47:27",
"format": "yyyy-MM-dd HH:mm:ss",
"time_zone": "+01:00"
}
}
}
}
Musab Dogan
- 1,811
- 1
- 6
- 8