[Snort-users] [Slightly OT]: what syslog daemon actually ignores the client timestamp?

Andreas Östling andreaso at ...236...
Thu Jun 27 22:42:02 EDT 2002


On Fri, 28 Jun 2002, Jason Haar wrote:

> This can't be right. However, both sysklogd and syslog-ng have this problem
> - they don't ignore timestamps. syslog-ng has a "use_time_recvd" option that
> sounds like it should do the job - but apparently that only affects file
> creation macros...

It only affects the macros, but you can use the macros like this:

destination foo { file("/var/log/foo.log" template("$DATE $HOST $MSG\n")); };

And you should get the timestamps in UTC.

Regards,
Andreas Östling
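
What ignoring the client timestamp means on the collector side, as an added Python example that is not part of the original post and is not syslog-ng code. It assumes an RFC 3164 style header; the function name `restamp`, the sample message and the output layout (modelled on the "$DATE $HOST $MSG" template above) are assumptions for illustration.

```python
import re
from datetime import datetime, timezone

MONTHS = ("Jan", "Feb", "Mar", "Apr", "May", "Jun",
          "Jul", "Aug", "Sep", "Oct", "Nov", "Dec")

# RFC 3164 style header: <PRI>Mmm dd hh:mm:ss HOST MSG
HEADER = re.compile(
    r"^<\d{1,3}>"
    r"(?P<client_ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<msg>.*)$",
    re.DOTALL,
)


def restamp(raw: bytes, received_at: datetime) -> str:
    """Format a received syslog datagram as 'DATE HOST MSG'.

    DATE is the collector's receive time converted to UTC. The timestamp
    the client put in the header is parsed only so it can be discarded,
    because a sender with a wrong or forged clock controls that field.
    """
    if received_at.tzinfo is None:
        raise ValueError("received_at must be timezone-aware")
    text = raw.decode("utf-8", errors="replace").rstrip("\r\n")
    m = HEADER.match(text)
    if m:
        host, msg = m.group("host"), m.group("msg")
    else:
        # No parsable header: keep the payload, mark the host as unknown.
        host, msg = "-", re.sub(r"^<\d{1,3}>", "", text)
    utc = received_at.astimezone(timezone.utc)
    date = f"{MONTHS[utc.month - 1]} {utc.day:2d} {utc:%H:%M:%S}"
    return f"{date} {host} {msg}"


if __name__ == "__main__":
    # Constructed sample: the client claims 1 January, midnight.
    sample = b"<38>Jan  1 00:00:00 sensor1 snort: constructed alert\n"
    print(restamp(sample, datetime.now(timezone.utc)))
```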




