Hi.
Graylog 5.2.4. I have a problem with the time I get in the Greylog response for the event. In the e-mail that arrives, the time is ok:
Timestamp 2024-03-12T07:47:04.005+01:00
Timestamp Processing 2024-03-12T07:47:04.005+01:00
But the time in the API response is an hour earlier:
“timestamp”: “2024-03-12T06:47:04.005Z”,
“timestamp_processing”: “2024-03-12T06:49:54.213Z”
My config in System/Overview is:
Time configuration
User admin:
2024-03-12 08:03:09 +01:00
Your web browser:
2024-03-12 08:03:09 +01:00
Graylog server:
2024-03-12 08:03:09 +01:00
Alerts/Notofications/ Time zone for date/time values is set for CET
On the OS:
timedatectl:
Local time: Tue 2024-03-12 07:54:13 CET
Universal time: Tue 2024-03-12 06:54:13 UTC
RTC time: Tue 2024-03-12 06:54:13
Time zone: Europe/Warsaw (CET, +0100)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
In the server.conf:
root_timezone = CET (I tried with UTC also)
root_timezone = Europe/Warsaw
Do you have any ideas where the problem is and what else to check?
What catches my attention is that the response from the API is in UTC format (2024-03-12T06:47:04.005Z). I don’t know why or where to change it.