[Snort-devel] Alert/Log Date Format

Nick Seidenman nicks at ...257...
Wed Feb 21 09:40:46 EST 2001


On 21 Feb 2001, Paul Ritchey wrote:

> Hi All:
> 
> I'd like to provide a patch for Snort and would like some feedback
> before I go about creating it.
> 
> Currently Snort outputs the dates in the alert/log files in the
> mm/dd....  format.  This is fine, but where I work we really could use
> the year imbedded in there was well.
> 
> I would like to provide a patch for this, and have come up with two
> optional ways of doing this (other suggestions welcome) but I don't
> know which would be more useful to the rest of the community.
> 
> 1.  Change the date format.  This would be the simplest patch, but for
> those who currently use the mm/dd format adding the year might break
> their code.
> 
> 2.  User selectable.  Add a command line flag (-y?) to allow the user
> to turn on the year format.  This would not interrupt current users
> who rely on the mm/dd format, but allow those of use that require the
> mm/dd/yy format to turn this feature on.  The downside is that we use
> up one more command line flag that could be used in the future for
> some new really cool feature.

How about a CustomLog directive, ala apache?

----------------------------------------------------------------------
 Nick Seidenman, CISSP      
 Senior Security Consultant
 Hyperon, Inc.           
 www.hyperon.com        






More information about the Snort-devel mailing list