Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Slightly OT]: what syslog daemon actually ignores the client timestamp?

From: Andreas Östling <andreaso () it su se>
Date: Fri, 28 Jun 2002 07:41:00 +0200 (CEST)

On Fri, 28 Jun 2002, Jason Haar wrote:


This can't be right. However, both sysklogd and syslog-ng have this problem
- they don't ignore timestamps. syslog-ng has a "use_time_recvd" option that
sounds like it should do the job - but apparently that only affects file
creation macros...


It only affect the macros, but you can use the macros like this:

destination foo { file("/var/log/foo.log" template("$DATE $HOST $MSG\n")); };

And you should get the timestamps in UTC.

Regards,
Andreas Östling



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Caffeinated soap. No kidding.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: