API Timezone issue

Hi,
I use API to get logs from graylog. root_timezone is set in config file. And in GUI everything is ok, graylog timestamp = timestamp in log. Unfortunately API query is processed with UTC time zone.I use admin account to authenticate in API. What do I do wrong?
API query:
“{ “streams”: [ “603f6b27862c625f00730877” ], “timerange”: [“absolute”, { “from”: “2021-04-02T07:50:00.000Z”, “to”: “2021-04-02T07:59:59.999Z” }] , “query_string”: { “type”:“elasticsearch”, “query_string”:“action:accept AND subtype:forward AND dstintf:port10” } }”

Best regards,
Lukasz

You don’t do anything wrong. It’s a feature not bug. API uses UTC timezone, because ElasticSearch also use it. root_timezone is only used in web interface for user admin to render it correct timezone, not in API.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.