[Snort-devel] Alert/Log Date Format

Paul Ritchey pritchey at ...278...
Wed Feb 21 09:30:26 EST 2001


Hi All:

I'd like to provide a patch for Snort and would like some feedback before I go about creating it.

Currently Snort outputs the dates in the alert/log files in the mm/dd....  format.  This is fine, but where I work we really could use the year imbedded in there was well.

I would like to provide a patch for this, and have come up with two optional ways of doing this (other suggestions welcome) but I don't know which would be more useful to the rest of the community.

1.  Change the date format.  This would be the simplest patch, but for those who currently use the mm/dd format adding the year might break their code.

2.  User selectable.  Add a command line flag (-y?) to allow the user to turn on the year format.  This would not interrupt current users who rely on the mm/dd format, but allow those of use that require the mm/dd/yy format to turn this feature on.  The downside is that we use up one more command line flag that could be used in the future for some new really cool feature.

Feedback, comments and suggestions welcome.

Once it's done, I'll submit it so that it can (hopefully) be added to the CVS code (Marty?).

Paul






More information about the Snort-devel mailing list