I am running Graylog as the root (Admin) user and configured the timezone to my local time:
#root_timezone = UTC
root_timezone = America/New_York
I am using Grafana to visualize some logs and noticed that after their recent update (Grafana V6.6), all my timestamps are in UTC even though Graylog displays in my configured and desired timezone. I did some research and their recommendations are to change Elasticsearch timezone to UTC and this issue should go away but if I do, I can no longer see my logs in Graylog on the timezone I’ve setup (at least I think it will change).
Graylog does save all messages in UTC and the setting root_timezone is only the timestamp that is used to display the logs in that configured timezone for the hardcoded admin user.
So that does not change any stored logs settings or similar.
I had a feeling that was the case since nothing changed in the Graylog configuration. It was simply after the update in Grafana. A post on their board yields no results.
