Hey folks,

   I have what I believed would be a simple question, but it's turning out to be more of a challenge than expected.  This is on-prem Splunk Enterprise v7.2.4.2.

   I have a view.  I've scheduled PDF delivery of that view each morning.  It works like a champ.  However, the time presented in the resulting PDF is in UTC (which is what the sending Splunk search head runs under).  OK, fine, so I added 'dispatchAs = owner' to the savedsearches.conf entry for the PDF delivery, and made sure that the view has 'owner = <my username>' in metadata/local.meta.  I've read and re-read the spec for savedsearches.conf, and I believe I'm interpreting it correctly.

   Incidentally, when loading the view in the Splunk web UI as the same username from above, I get the correct times (adjusted for the local time zone).

   However, the PDF continues to arrive using UTC (we're in Central time zone and everything is 6 hours off in the PDF).  I don't know what I'm missing, this really doesn't seem to be that hard.  I *think* I'm reading the docs correctly.

   I would very much appreciate any hints, pointers, or clue-by-fours.  Thank you so much!

Chris