Logstash causes 8 hour time difference solution due to time zone - Code World

Logstash causes 8 hour time difference solution due to time zone

Others 2022-04-28 07:28:20 views: 0

Written at the top, the principle of this logstash to solve the time difference is to use the timestamp field to replace the @timesamp field of logstash.

If there is no timestamp field in the log, it is invalid.

Logstash version 2.3

Logstash's date plugin configuration:

date {
match =>["timestamp","dd/MMM/yyyy:HH:mm:ss Z"]
target =>"@timestamp"}

Check the parsing results and find that @timestamp is 8 hours ahead of China time

For page viewing, ELK's solution is to read the browser's current time zone on Kibana, and then convert the display of the time content on the page.
The solution found two
1,

vim vendor/bundle/jruby/1.9/gems/logstash-core-event-2.3.3-java/lib/logstash/timestamp.rb

Change @time = time.utc to time

2.
This method is related to the time zone setting of the Linux server. Some Linux may not be successfully modified. The first method is recommended.
http://www.aichengxu.com/view/6621766
1) Modify the logstash configuration

date {
match =>["timestamp","yyyy-MM-dd HH:mm:ss"]
target =>"@timestamp""locale"=>"en"
timezone =>"+00:00"}

Add timezone => "+00:00"
and then test @timestamp is the normal time, @timestamp and timestamp are the same.
2) Because kibana will read the browser's time zone, and then +8 hours, you need to modify the configuration of kibana.
Settings - Advanced - dateFormat:tz modified to UTC

After the Elasticsearch index creation error
was modified, it was found that when logstash was outputting to elasticsearch on a daily basis, the index of the day was created at 8:00 every day, and the data before 8:00 was still output to the index of yesterday, as shown in the figure:

The solution is as follows:

vim ./vendor/bundle/jruby/1.9/gems/logstash-core-event-2.3.3-java/lib/logstash/string_interpolation.rb
.withZone(org.joda.time.DateTimeZone::UTC)

change into

.withZone(org.joda.time.DateTimeZone.getDefault())

Logstash version 5.3

To solve the 8-hour time difference problem, the configuration is as follows:

    date {
        match =>["timestamp","dd/MMM/yyyy:HH:mm:ss +0800"]
        target =>"@timestamp""locale"=>"en"
        timezone =>"UTC"}

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=326192136&siteId=291194637

Logstash causes 8 hour time difference solution due to time zone

Centos8 manually sets the time zone, date, and time, and sets the time to 24-hour format

[JS] The reason for the 8-hour difference in time format conversion

Solution to the 8-hour slow time of unicloud cloud function

docker time zone +8

Centos7 After installation, time zone selection Shanghai but the difference in time with the system time of 8 hours is not correct

[ChatGPT Programming Notes] Solve the 8-hour difference between Linux server time and Beijing time

Linux system time and time difference of 8 hours solution

Mysql time zone error solution

About the time zone problem of the time difference of 8 hours in the ftp upload file system

Ubuntu modify time zone and modify 24-hour format

Mybatis Mysql query in time datetime type, a difference of 8 hours Solution

Changing LocalDateTime based on time difference in current time zone vs. eastern time zone

Springboot web project unified time zone solution

Mysql entry to the proficient-8 hours difference in MySQL time zone configuration

The difference between RTC time and Local time and Linux setting time zone and modification time

Illegal instant due to time zone offset transition (Asia/Shanghai) - Joda.time

One hour wps date for two time units difference

Calculate the time difference for the data in timestamp format, and get the working hours (by hour)

When using JPA, the new Date() time is inserted into the database and the time difference is 8 hours. Solution

The ultimate solution for the difference between the Java acquisition time and the system time is 8 hours

Joda Time and Java8 Time difference

Get the time in the current specified time zone - based on Java8

Solution JDBC connection MySQL 8 when unusually: java.sql.SQLException: The server time zone value 'й ׼ʱ' is unrecognized or represents more than one time zone.

Android gets the current time zone of the mobile phone and solves the problem of time offset and daylight saving time difference

The server time zone value '??? ú ± ê × ?? ± ??' is unrecognized or represents more than one time zone. Error reason and solution

The server time zone value is unrecognized or represents more than one time zone. The solution to this problem

Time zone difference and host eight hours in the docker, how do?

Linux time and time zone settings

Linux set time and time zone

Recommended

Ranking

PAT Level B 1094 Google's Recruitment (20 points) Python

Old Wei wins the offer to take you to learn --- brush (integer number 31. 1 appears) title series

Bilibili: Barrage Screening: Baijiaxing: Import XML directly

개체 배열 중복 제거

matplotlib—patches.Circle

[Observation] It is also a cordless vacuum cleaner, why does Dyson V10 dare to sell 4990 yuan?

0410

Apache Kafka message delivery reliability analysis

How hotel occupancy records inquiry etj

Essential knowledge for getting started with speculating in spot silver

Daily

More

2024-04-28(12)

2024-04-27(29)

2024-04-26(22)

2024-04-25(32)

2024-04-24(30)

2024-04-23(30)

2024-04-22(5)

2024-04-21(0)

2024-04-20(6)

2024-04-19(5)