Hello everyone, my windows servers are sending DNS debug logs and NPS debug logs from the corresponding files, using NXLog im_file module. When I send the log to Chronicle SIEM, the parser works good but there is one issue.

The timezone configured on the Windows servers is CET (+02:00), while Chronicle parses the timestam as UTC. So my logs don't show up on chronicle portal until 2 hours from ingestion, and when they show, they have a wrong timestamp.

Do I need to change the timezone on my server or is there another way to make Chronicle use the right Timezone?

Maybe even using NXLog.

Thank you