Re: Capturing packets with daemonlogger using GMT as a timestamp

[Richard Bejtlich <taosecurity () gmail com>]

Hello,

Do you recognize that timestamps in Libpcap traces are stored in Unix
epoch time?  So, whatever you're using to read the trace is rendering
the time as localtime.

Sincerely,

Richard

On Wed, Nov 2, 2011 at 1:21 PM, carlopmart <carlopmart () gmail com> wrote:
> Hi all,
>
>  Due to recently problems with sguil frontend related to daemonlogger,
> I need to capture packets using GMT as timestamp. I have tried to
> include this variable in the script who launches daemonlogger:
>
> TZ=GMT
> export TZ
>
>  ... but daemonlogger continues using localtime as a timestamp. How can
> I do to use GMT as a timestamp for daemonlogger??
>
> Thanks.
>
> --
> CL Martinez
> carlopmart {at} gmail {d0t} com
>
> ------------------------------------------------------------------------------
> RSA&#174; Conference 2012
> Save $700 by Nov 18
> Register now&#33;
> http://p.sf.net/sfu/rsa-sfdev2dev1
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!