[Snort-users] time problem

Matt Kettler mkettler at ...4108...
Fri Apr 18 07:48:02 EDT 2003


Based on the fact that your native timezone is GMT +3 (at least that's 
what's in your email's date: header) I suspect that one of the systems is 
showing the time in GMT, and the other is your local time.

I believe that snort itself logs its alerts in GMT, not local time; this way, 
if you have multiple sensors across multiple time zones (big network), you 
can correctly correlate events, but I could be wrong. Check the docs.



At 04:30 PM 4/18/2003 +0300, TAYLAN  KIRAN wrote:
>Snort 1.9.1 & ACID & MySQL on Red Hat 8.0. ACID does not show timestamps of 
>alerts correctly. There is a 3 hour difference. We checked the OS and 
>hardware time. They are the same and correct. ACID shows the query time 
>correctly. But the time window and the timestamps of alerts are wrong.
>
>We reinstalled all RPMs. But the problem still exists.
>
>Thanks,




