Re: [despammed] Snort > mysql > acid - timestamp troubles

[Ed McMan <essmilee () comcast net>]

Wednesday, May 29, 2002, 3:01:00 PM, Rose, Jerry L SAJ Contractor wrote:

RJLSC> Here's the problem. I've got alerts being logged 
RJLSC> with timestamps later than the current time (approx. 
RJLSC> 4 hours into the future). I'm running ntpd on all 
RJLSC> three servers. I've run the "date" command on all 
RJLSC> three servers to visually verify the proper date 
RJLSC> and time is set on all three servers. I've cranked 
RJLSC> up "#snort -v" then "ctrl-c" and the timestamps are 
RJLSC> correct on standard out.

Hmm, strange.  What happens if you manually insert a time into the
table?  Does it show up with the correct time or the future one?

-------------------------------------------------------------
|Eddie J Schwartz <EdMcMan () despammed com> http://www.m00.net|
|   AIM: The Cypher ICQ: 35576339 YHOO: edmcman2 MSN: ^^    |
| "We Trills have an expression--at forty, you think you    |
| know everything.  At four hundred, you realize you know   |
|         nothing." - Dax, Star Trek Deep Space 9           |
-------------------------------------------------------------


_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users