Was this ever resolved. i never had this issue, and been running Graylog for a long time.
Just today with the latest Graylog (2.1.1) Search * for Last, 5m 15m, 30m, 1hr don't return and results Search * in the last 2 hours returns messages just few seconds ago, This is across the board, in a clustered environment, with multiple sources. Impossible for all those sources to have the wrong dates. I checked all Graylog nodes ES Nodes and they all have the correct dates / timezones. What gives? Really puzzling. Thanks On Wednesday, April 15, 2015 at 4:22:18 PM UTC-4, Zi Dvbelju wrote: > > Hey Edmundo, > > Graylog user timezone and messages timezone are correct. Has been setup > that way for over a year, and I have confirmed they are still setup > correctly. > > I upgraded to the latest version hoping that would fix it, but still > running into the same issue. > > Any other suggestions? Error logs don't show any issues. > > Only relative searches return data; nothing from absolute. > > Thanks, > Z > > > On Tuesday, January 20, 2015 at 2:40:53 PM UTC-5, Edmundo Alvarez wrote: >> >> Hello Zach, >> >> I would start taking a look at the time configuration, specially >> timezones. Could you verify the time settings in the machines sending logs, >> and that both your Graylog user's timezone and the messages' timezones are >> correct? >> >> I hope that helps. >> >> Regards, >> Edmundo >> >> -- >> Developer >> >> Tel.: +49 (0)40 609 452 077 >> Mobile: +49 (0)171 27 22 181 >> Mobile (US): +1 (713) 321 8126 >> Fax.: +49 (0)40 609 452 078 >> >> TORCH GmbH >> Steckelhörn 11 >> 20457 Hamburg >> Germany >> https://www.torch.sh/ >> >> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 >> Geschäftsführer: Lennart Koopmann (CEO) >> >> > On 20 Jan 2015, at 19:34, Zi Dvbelju <[email protected]> wrote: >> > >> > Hey Team, >> > >> > Running into a strange issue with my Graylog2 setup. >> > >> > Search for anything with "last hour" returns no results. I can >> duplicate the same exact search with "last day" and see messages from >> within the last few seconds. >> > >> > Only searches with the "last hour" tag are returning nothing. >> > >> > v92.3 >> > >> > Thanks, >> > Zach >> > >> > -- >> > You received this message because you are subscribed to the Google >> Groups "graylog2" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an email to [email protected]. >> > For more options, visit https://groups.google.com/d/optout. >> >> -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/ae9103cf-8eb0-4678-b5c2-06f978652c0d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
