[Snort-users] Timestamps

Martin Roesch roesch at ...1...
Thu Jul 20 00:24:37 EDT 2000


That's weird, I haven't seen that (of course, I still haven't tried it on
Win32).  The UNIX version just makes calls to localtime or uses the packet
time (from the BPF interface) for its timestamping.  Maybe Mike (from eEye)
has a better idea of what's going on?

    -Marty

Tom Whipp wrote:
> 
> Hi all,
> 
>         I'm currently using the Win32 1.6.2 release of snort from my Win98 desktop
> machine - which incidentally is great to have as a quick way to trial the
> system.  I will be migrating it to a Linux box when I have time, found a
> spare box and tweaked the ruleset.  However right now all log messages are
> being timestamped with GMT time rather than summertime (GMT-1) in contrast
> to our syslog which uses the summertime string - is this normal behaviour
> for snort? Is this a product of the Win32 release? Or is there a
> configuration switch I've missed?
> 
> Right now it's not a problem as I know what I'm looking at, and if as I
> suspect this is something to do with the Win32 version then it will shortly
> be irrelevant - but I do like to have all of my log timestamps in sync for
> obvious reasons and at the moment it's just a tiny bit awkward to tie all of
> the entries together.
> 
> any ideas?
> 
> cheers
> 
>         Tom
> 

-- 
Martin Roesch                      <roesch at ...2...>
Core R&D                         http://www.hiverworld.com
Hiverworld, Inc.       Continuous Adaptive Risk Management
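
An added example, not part of the original thread and not Snort's own code: it renders one packet timestamp through `localtime_r` and through `gmtime_r`, reproducing the one-hour gap between a GMT-stamped sensor log and a local-time syslog, and computes the offset needed to line the two up. The `MM/DD-HH:MM:SS.usec` layout, the function names, the sample instant and the UK time zone string are assumptions made for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <sys/time.h>

/* Pin the process time zone (POSIX TZ string, so no tzdata files are needed). */
void set_zone(const char *tz)
{
    setenv("TZ", tz, 1);
    tzset();
}

/* Render a packet timestamp as MM/DD-HH:MM:SS.usec (layout assumed).
 * use_utc=0 uses localtime_r; use_utc=1 uses gmtime_r and gives GMT stamps. */
int fmt_stamp(const struct timeval *tv, int use_utc, char *out, size_t n)
{
    struct tm tm;
    time_t secs = tv->tv_sec;
    if (!(use_utc ? gmtime_r(&secs, &tm) : localtime_r(&secs, &tm)))
        return -1;
    int w = snprintf(out, n, "%02d/%02d-%02d:%02d:%02d.%06ld",
                     tm.tm_mon + 1, tm.tm_mday, tm.tm_hour,
                     tm.tm_min, tm.tm_sec, (long)tv->tv_usec);
    return (w < 0 || (size_t)w >= n) ? -1 : 0;   /* -1 on truncation */
}

/* Seconds local time is ahead of UTC at instant t, DST included. Add this to a
 * GMT-stamped entry to line it up with a log written in local time. */
long utc_offset_at(time_t t)
{
    struct tm l, g;
    if (!localtime_r(&t, &l) || !gmtime_r(&t, &g)) return 0;
    int days = (l.tm_year != g.tm_year) ? (l.tm_year > g.tm_year ? 1 : -1)
                                        : l.tm_yday - g.tm_yday;
    return days * 86400L + (l.tm_hour - g.tm_hour) * 3600L
         + (l.tm_min - g.tm_min) * 60L + (l.tm_sec - g.tm_sec);
}

int main(void)
{
    struct timeval tv = { 964067077, 123456 };   /* constructed sample instant */
    char a[32], b[32];
    set_zone("GMT0BST,M3.5.0/1,M10.5.0");        /* UK rules, assumed for the demo */
    fmt_stamp(&tv, 1, a, sizeof a);
    fmt_stamp(&tv, 0, b, sizeof b);
    printf("gmt   %s\nlocal %s\noffset %ld s\n", a, b, utc_offset_at(tv.tv_sec));
}
```

Computing the offset per timestamp rather than once per log keeps entries on either side of a daylight-saving change correctly aligned.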



