I have a Palo Alto firewall log source using the plugin in the integration package on Graylog 3.1.2.
The log source has an ntp time source set to JST, however logs from the log source are in the future by nine hours therefore the relative search is broken and you can only use the absolute search with the time settings set to nine hours ahead.
No other log sources are suffering the same issue. I have also tried with both the admin user and another user set to JST and the issue still exists with the source.
Am I correct that the log source is most likely the problem i.e log source is taking JST NTP time and further advancing again by nine hours?Anyone here encountered this before?