Problem & Solution - Snort binary log file timestamps screwed up

["Cloppert, Michael" <Michael.Cloppert () 53 com>]

FYI:
 
[many details left out for brevity]  All of my snort.log.* binary file dates
got screwed up due to a script that ran amok, which makes it difficult to
determine what logs to delete (retention policy, etc...).  To restore my
date/timestamps on the files themselves (after fixing the script, of
course!), I ran the following in my /var/log/snort directory:
 
for i in `ls snort.log.*` ; do stamp=`tcpdump -ttttnnr $i |tail -n 1 |sed
"s/\//\ /g" |sed "s/\:/\ /g" |awk '{print $3$1$2$4$5}'`; echo $i : $stamp ;
touch $i -t $stamp ; done
 
I'm sure there's a better way to do it, but this worked for me, and I
figured I'd share it in case anyone was in a similar situation.
 
Cheers,
Michael Cloppert