[Snort-users] Bug with timestamp. Snort 1.8 and FreeBSD and ACID

Borja Marcos borjamar at ...778...
Tue Jun 19 10:25:25 EDT 2001


On Tuesday 19 June 2001 03:42, you wrote:
> I'm skeptical that ACID garbled that date, since
> it read it raw from the database.  More likely is
> that this is how the timestamp was written to the
> database.  Can you confirm this?
>
> Run something like:
>
> SELECT * FROM event WHERE sid=1 AND cid=3310
>
> What is the format of the date?  Likewise, to
> re-iterate the timestamps in the DB should read
> 12:32:37+02 ?

	You are right ;-) 

snort=> select * from event where sid=1 and cid=3310;
 sid | cid  | signature |       timestamp
-----+------+-----------+------------------------
   1 | 3310 |        40 | 2001-06-19 14:32:39+02
(1 row)

	It seems to be Snort. The database server is PostgreSQL 7.1.2_1.



	Borja.




More information about the Snort-users mailing list