lukejadamec - using the shortened search you suggested, Splunk itself shows the correct time of the event (i.e., the time to the left of the Linux event is in EST). However, if I go to "View all XX fields" in the left pane of Splunk, and select "date_hour", it comes up to the bottom right of my Linux event next to host, sourcetype, source, "date_hour" and has time in GMT. For example, Splunk time of event (left of the log entry) after I search is 9:00:01.837 AM; however, the "date_hour" under the event is "14" (GMT time). This is my problem area. Thanks for your assistance.