Why am I time zone difference between event time a...

Getting Data In

Hi All,

I am facing an issue related to time zone interpretation, one server which is configured with CET and sending log splunk cloud (in my best knowledge indexers are placed in GMT timezone). This server sends syslogs to SC4S servers configured with GMT time zone. Event Time value in splunk is being picked as per the raw event time. Since splunk indexers are GMT, SC4S is in GMT, I am getting time difference between event time (server time/ CET time zone) and index time (GMT time zone).

please help, how can I resolve this issue of huge time difference in event time and index time.

Thanks,

Bhaskar

Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card! Hello there, Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...