Hi Guys! My name is Santiago. I m from Argentine! I am a Newbbie.
I have a question. While I have the same schedule on the Graylog server that on the Windows Server I notice 2 schedules for the same event. What can be? In the attached image it is evident. Thank you very much for your time!
Regats for every one!
hi,
Graylog uses UTC as the time zone internally. You need to know which time zone is used by the source and possibly you need to make a timezone conversion for incoming messages so that you switch to UTC. You can do this by either extractors or by processing pipelines.
Each user can then choose which time zone (s)he wants to use from the user options. When viewing messages, Graylog converts the timestamp (the one you can see in the upper box) to the correct time the user wants to see events in.
As an addendum to @jtkarvo’s post:
Graylog 3.0.0 will show “both” timestamp fields in the configured timezone of the user:
https://github.com/Graylog2/graylog2-server/pull/4521
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
