Snort mailing list archives
snort-acid timestamp problem...anyone ever fix this?
From: "Brian J. Smith-Sweeney" <bsweeney () physics ucsb edu>
Date: 13 Jan 2003 17:17:14 -0800
Hello all,
I'm new to the list, and subscribed due to a problem I'm having with
timestamps using snort/acid. I saw the post below in the archives from
November, but no one seemed to have an answer, so I'm re-asking: does
anyone know why the timestamps ACID would be reporting are wrong? The
system clock is correct, but the timestamps are consistently off by 8
hours. Even on the ACID main page, the "queried on" time shows up
right:
Queried on : Mon January 13, 2003 15:53:03
but the "time window" is off:
Time window: [2003-01-13 23:16:53] - [2003-01-13 23:52:49]
Any guesses?
-Brian
========================================
Brian Smith-Sweeey
Senior Systems Administrator
University of California, Santa Barbara
Physics Department
bsweeney () physics ucsb edu
(805)-893-8366
========================================
----------OLD POSTING------------------------
Date: Tue, 19 Nov 2002 11:08:26 -0400
* From: "Alfredo Pizarro" <alfredopizarro@xxxxxxxx>
* To: "Bob DeBolt" <bob.debolt@xxxxxxxxxxxxxxx>
* Subject: Re: [Snort-users] Problemes with Acid Timestamp
________________________________________________________________________
It's the same amount of time. (3 hours).
Redhat is set with America/Santiago (Chile) Time Zone.
Regards,
Alfredo
----- Original Message -----
From: "Bob DeBolt" <bob.debolt () telusplanet net>
To: "Alfredo Pizarro" <alfredopizarro () terra cl>
Cc: <snort-users () lists sourceforge net>
Sent: Tuesday, November 19, 2002 9:47 AM
Subject: Re: [Snort-users] Problemes with Acid Timestamp
Hello, i installed snort on linux box. It's recording fine but the timestamp in Acid is wrong. The linux's clock is correct but the
timestamp
on each record logged is incorrect.
How many hours, days minutes or seconds is it out. Is it the same amount of time or does it fluctuate between logs. Bob D ------------------------------------------------------- This SF.NET email is sponsored by: FREE SSL Guide from Thawte are you planning your Web Server Security? Click here to get a FREE Thawte SSL guide and find the answers to all your SSL security issues. http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort-acid timestamp problem...anyone ever fix this? Brian J. Smith-Sweeney (Jan 13)
- <Possible follow-ups>
- snort-acid timestamp problem...anyone ever fix this? Brian J. Smith-Sweeney (Jan 13)
- Re: snort-acid timestamp problem...anyone ever fix this? Jens Krabbenhoeft (Jan 14)
- Re: snort-acid timestamp problem...anyone ever fix this? Brian J. Smith-Sweeney (Jan 14)
- Re: snort-acid timestamp problem...anyone ever fix this? Jens Krabbenhoeft (Jan 14)