We are currently in the process of upgrading from ES 7.x to ES 8.x and are performing a data validation/parity checks between mission control and incedent review . We've seen a discrepancy in how the "Yesterday" time picker criteria is being handled. The Issue: When selecting the "Yesterday" preset in the time range picker: ES 7: Returns the expected results (only events from the previous calendar day). ES 8: Returns results from yesterday, but is also "leaking" results from early this morning (specifically events at 0:53 and 0:54 AM today). User Preferences: Both instances are set to the same display timezone. Verified that the events appearing in ES 8 have timestamps for today's date The same events do not appear in ES 7 under the "Yesterday" filter. Has the definition of the "Yesterday" relative time string changed in ES 8, or is there a new global setting/macro in ES 8 that overrides the  snap-to behavior for the default time picker?    Scratching my head - but appreciate this might be a really simple solution!   ... View more