This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 40%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
What timezone is used by Azure sentinel? Below are what showing up in the Sentinel portal.
Last update time
01/02/21, 08:41 AM
Creation time
01/02/21, 08:41 AM
Sentinel uses UTC. You can toggle in the Logs blade UI to change this, but the change is temporary. One other choice is to alter the output of any Analytic or query to the local time https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/datetime-utc-to-local-function
Please accept answer if this helps you
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 28.999999999999996%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBP%3C/text%3E%3C/svg%3E)
Hello Clive. I have the same query. As the toggle is no longer available in Sentinel. Could you advise?
It is always good policy to manually set the time zone for all Event Source nodes in the Event Source Manager. Always remember to includes the time zone in the time stamp. This will help to understand the time easily
@Manu Philip - Thanks for the reply. We haven't set that up yet. So what's the default timezone from our of the box?
@VizPro1985
Thank you for your question!
Based off what I found, it looks like Azure Sentinel goes off of UTC, if you're seeing inaccurate times or are having issues with Azure Sentinel, I'd recommend creating a support request so our engineers can take a closer look into your issue. Lastly, here are some other Azure Sentinel resources that you can leverage.
If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.
----------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
@VizPro1985
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?
----------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 23%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENR%3C/text%3E%3C/svg%3E)
Hi James,
Can we change the default UTC time to EST in Sentinel ?
THanks in advance.