[Snort-users] time problem
mkettler at ...4108...
Fri Apr 18 07:48:02 EDT 2003
Based on the fact that your native timezone is GMT +3 (at least that's
what's in your email's date: header) I suspect that one of the systems is
showing the time in GMT, and the other is your local time.
I believe that snort itself logs its alerts in GMT not local time, this way
if you have multiple sensors across multiple time zones (big network) you
can correctly correlate events, but I could be wrong.. check the docs.
At 04:30 PM 4/18/2003 +0300, TAYLAN KIRAN wrote:
>Snort 1.9.1&ACID&MySQL on Redhat 8.0. ACID does not show timestamps of
>alerts correctly.There are 3 hours difference. We checked the OS and
>Hardware time. They are same and correct.. ACID shows the query time
>correctly. But the time window and the timestamps of alerts are wrong.
>We reinstalled all RPMS. But the problem still exist.
More information about the Snort-users