The indexed time of the log is different from the logged time of the log.
Logged time - 2021-01-25 04:19:18,002
Indexed time - Jan 25, 2021 @ 04:19:27.750
There is a 10-second delay when comparing the two timestamps. Is there a way to make the indexed timestamp the same as the logged timestamp?
You need to use a date filter to set the @timestamp to the timestamp field of the log.
So if you've got the time in a field called log_time, you'd use a date filter like this:
date {
  match => [ "log_time", "ISO8601" ]
}
See the Logstash documentation for additional details on how the date filter works.
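A fuller filter block built around the answer above, as an added example that is not part of the original thread. It assumes each line starts with the timestamp shown in the question (`2021-01-25 04:19:18,002`); the field names `log_message` and `ingest_time` and the `timezone` value are assumptions to adapt. Keeping the ingest time in its own field preserves the pipeline delay for later review once `@timestamp` holds the event time.

```logstash
filter {
  # Extract the leading timestamp into log_time (field name from the answer).
  # log_message is a hypothetical name for the remainder of the line.
  grok {
    match => { "message" => "^%{TIMESTAMP_ISO8601:log_time} %{GREEDYDATA:log_message}" }
  }

  # Keep the time Logstash received the event before @timestamp is overwritten.
  # ingest_time is a hypothetical field name.
  mutate {
    copy => { "@timestamp" => "ingest_time" }
  }

  date {
    # Explicit pattern for "2021-01-25 04:19:18,002"; ISO8601 kept as a fallback.
    match => [ "log_time", "yyyy-MM-dd HH:mm:ss,SSS", "ISO8601" ]
    # The logged time carries no offset, so state the source host's zone.
    # "Etc/UTC" is an assumption; set it to the zone the application logs in.
    timezone => "Etc/UTC"
    # @timestamp is already the default target; written out for clarity.
    target => "@timestamp"
    # Events whose log_time cannot be parsed keep the ingest time in
    # @timestamp and receive this tag, so they can be found and fixed.
    tag_on_failure => [ "_dateparsefailure" ]
  }
}
```

Events tagged `_dateparsefailure` still carry the ingest time in `@timestamp`, so filter on that tag before relying on event order across sources.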