[Oisf-users] Log entry timestamp question
Steve Castellarin
steve.castellarin at gmail.com
Wed Dec 27 18:47:50 UTC 2017
Hi all,
I'm currently running Suricata v4.0.1 on an Ubuntu 16.04 64-bit server,
using a Napatech card for my packet capture device. Currently Suricata is
logging two types of things for me - DNS queries/answers to eve.json and
IDS alerts to fast.log. When I look at events in either file I notice that
the timestamp does not have the micro/milliseconds of the event. Instead
the format always looks like: yyyy-mm-ddThh:mm:ss.000001-0500.
Is there a setting I'm missing that would change the timestamp in the logs
accordingly?
Thanks!