Fortigate Messages Still Coming in 4 Hours Late After 2.3.0 Upgrade

Wasn’t this fixed in 2.3.0?

Obviously not?

Maybe you want to elaborate on your issue…

Instead of trying to explain it again, here is the last thread we had where it was discussed about this being fixed in 2.3.0.

If you read that topic further, you’ll see that your particular issue hasn’t been fixed and is best fixed by using the parse_date() function or a Copy Input extractor and a Date Converter with the correct timezone.

How does the copy input extractor work for this process? Yesterday before writing this post I created this extractor but it isn’t working. Do you mind pointing out what I have done wrong?

Field names are case sensitive, so “timestamp” is a different field than “Timestamp” (what you’ve entered as target field).

Target field is actually lowercase timestamp. Hence I am trying to convert it to Timestamp capital so it will fill the primary “Timestamp” field.


I tried updating my extractor to this, still no dice.

I had also the same problem but with 24 minutes delay. I creadted another user with utc timezone and everyting was ok and I logged out and logged in as Admin(timezone Berlin) and problem somehow solved!

I have tried modifying my users Timezone but no dice, all of my users are being imported from LDAP.

Any updates on what I am doing wrong?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.