Elasticsearch 中的日期时间 - 如何处理时区
[英]datetime in Elasticsearch - How to handle timezone
问题描述
I try to index a field containing a date.
我尝试索引包含日期的字段。
How can I index a date from a different timezone ?如何索引来自不同时区的日期?
I've set my elasticsearch field like so : 'requested_dt': {"type": "date", "format": "date_time_no_millis"} 'local_dt': {"type": "date", "format": "date_time_no_millis"}我已经像这样设置了我的 elasticsearch 字段: 'requested_dt': {"type": "date", "format": "date_time_no_millis"} 'local_dt': {"type": "date", "format": "date_time_no_millis" "}
I've tried to index these values (local_dt) : (requested_dt is the current time in France)我试图索引这些值 (local_dt) :(requested_dt 是法国的当前时间)
IT 2016-10-27T23:46:17Z
GB 2016-10-27T22:46:19Z
I don't get the expected result through Kibana :我没有通过 Kibana 得到预期的结果:
[local_dt]
IT October 28th 2016, 01:46:17.000
GB October 28th 2016, 00:46:19.000
[requested_dt]
IT October 27th 2016, 23:46:17.000
GB October 27th 2016, 23:46:19.000
So, for requested_dt, I get what I expect.所以,对于requested_dt,我得到了我的期望。
For local_dt, I don't get what I want.对于local_dt,我没有得到我想要的。
I've tried to replace the Z value with the UTC offset but I'm not able to get the correct output.我试图用 UTC 偏移量替换 Z 值,但我无法获得正确的输出。
Is there someone able to explain to me how to get the correct output for each timezone I want ?有没有人能够向我解释如何为我想要的每个时区获得正确的输出?
2 个解决方案
解决方案1
6 2018-04-23 11:43:16
As I read(and my own experience), Kibana will index the @timestamp assuming they come in UTC, and only in format like 2018-04-23T10:45:13.899Z .当我阅读(以及我自己的经验)时,Kibana 将索引@timestamp假设它们以 UTC 格式出现,并且仅采用2018-04-23T10:45:13.899Z类的格式。 Note that we only have milliseconds and the T as separator and Z indicating UTC.请注意,我们只有毫秒和T作为分隔符, Z表示 UTC。
https://discuss.elastic.co/t/kibana-timezone/29270/5 https://discuss.elastic.co/t/kibana-timezone/29270/5
So, if you have a local datetime object, try to convert to UTC time, and format it like above.因此,如果您有本地datetime对象,请尝试将其转换为 UTC 时间,并像上面一样对其进行格式化。
- In case of
now(), usetimezone.now()ofdjango.utils.timezone;在now()情况下,使用django.utils.timezonetimezone.now(); or, without django, you havedatetime.datetime.utcnow()或者,没有 django,你有datetime.datetime.utcnow() - If you have an
datetime()object already, you can do:如果您已经有一个datetime()对象,您可以执行以下操作:
this:这个:
import pytz, datetime
local = pytz.timezone ("Europe/Paris")
local_dt = local.localize(your_datetime_object, is_dst=None)
utc_dt = local_dt.astimezone(pytz.utc)
(thanks to this answer ) (感谢这个答案)
When you have the object, format like:当你有对象时,格式如下:
timeStr = datetime.strftime(your_utc_time_object, "%Y-%m-%dT%H:%M:%S.%f") # %f: microseconds, 1/10^6 seconds.
timeStr = timeStr[:-3] # delete the trailing 3 digits, convert to milliseconds
toInsert["@timestamp"] = nowStr + "Z" # add 'Z' at last
解决方案2
2 2020-05-02 02:09:10
For the benefit of anyone coming here via Google search like me, you cannot append a military time zone letter to the end of the timestamp and have Elasticsearch recognize it.为了像我这样通过 Google 搜索来到这里的任何人的利益,您不能在时间戳的末尾附加军事时区字母并让 Elasticsearch 识别它。
I thought this would be the case since it recognizes and outputs the "Z" at the end of a UTC timestamp, so I appended "R" to my own timestamps to signify they came from UTC-5.我认为情况会是这样,因为它会识别并输出 UTC 时间戳末尾的“Z”,因此我将“R”附加到我自己的时间戳后,以表示它们来自 UTC-5。 Here's what they would look like next to each other:这是它们彼此相邻的样子:
"2020-04-09T07:35:15.100Z" # parsed as UTC
"2020-04-09T07:35:15.100R" # illegal argument exception
However, none of the built-in formats would recognize this additional letter;但是,没有任何内置格式会识别这个额外的字母; you must either specify the time offset like so您必须像这样指定时间偏移量
"2020-04-09T07:35:15.100-0500"
"2020-04-09T07:35:15.100-05:00"
or specify the timezone in your pipeline processor或在您的管道处理器中指定时区
{
"pipeline": {
"processors": [
{
"date": {
"field": "raw_date",
"formats": ["ISO8601"],
"timezone": "America/New_York"
}
}]
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.