Snort mailing list archives
snort-acid timestamp problem...anyone ever fix this?
From: "Brian J. Smith-Sweeney" <bsweeney () physics ucsb edu>
Date: 13 Jan 2003 15:55:16 -0800
Hello all, I'm new to the list, and subscribed due to a problem I'm having with timestamps using snort/acid. I saw the post below in the archives from November, but no one seemed to have an answer, so I'm re-asking: does anyone know why the timestamps ACID would be reporting are wrong? The system clock is correct, but the timestamps are consistently off by 8 hours. Even on the ACID main page, the "queried on" time shows up right: Queried on : Mon January 13, 2003 15:53:03 but the "time window" is off: Time window: [2003-01-13 23:16:53] - [2003-01-13 23:52:49] Any guesses? -Brian -- ======================================== Brian Smith-Sweeey Senior Systems Administrator University of California, Santa Barbara Physics Department bsweeney () physics ucsb edu (805)-893-8366 ======================================== ----------OLD POSTING------------------------ Date: Tue, 19 Nov 2002 11:08:26 -0400 * From: "Alfredo Pizarro" <alfredopizarro@xxxxxxxx> * To: "Bob DeBolt" <bob.debolt@xxxxxxxxxxxxxxx> * Subject: Re: [Snort-users] Problemes with Acid Timestamp ________________________________________________________________________ It's the same amount of time. (3 hours). Redhat is set with America/Santiago (Chile) Time Zone. Regards, Alfredo ----- Original Message ----- From: "Bob DeBolt" <bob.debolt () telusplanet net> To: "Alfredo Pizarro" <alfredopizarro () terra cl> Cc: <snort-users () lists sourceforge net> Sent: Tuesday, November 19, 2002 9:47 AM Subject: Re: [Snort-users] Problemes with Acid Timestamp
Hello, i installed snort on linux box. It's recording fine but the timestamp in Acid is wrong. The linux's clock is correct but the timestamp on each record logged is incorrect.
How many hours, days minutes or seconds is it out. Is it the same amount of time or does it fluctuate between logs. Bob D ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.NET email is sponsored by: FREE SSL Guide from Thawte are you planning your Web Server Security? Click here to get a FREE Thawte SSL guide and find the answers to all your SSL security issues. http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort-acid timestamp problem...anyone ever fix this? Brian J. Smith-Sweeney (Jan 13)
- <Possible follow-ups>
- snort-acid timestamp problem...anyone ever fix this? Brian J. Smith-Sweeney (Jan 13)
- Re: snort-acid timestamp problem...anyone ever fix this? Jens Krabbenhoeft (Jan 14)
- Re: snort-acid timestamp problem...anyone ever fix this? Brian J. Smith-Sweeney (Jan 14)
- Re: snort-acid timestamp problem...anyone ever fix this? Jens Krabbenhoeft (Jan 14)