[Oisf-users] Suricata time&zone settings

João Pedro oladj at live.com.pt
Thu Mar 28 10:34:29 UTC 2019


I am testing Suricata IDS in a VirtualBox machine with Lubuntu installed.

For example, Suricata is returning the alert:

03/28/2019-06:27:08.325470  [**] [1:2100368:7] GPL ICMP_INFO PING BSDtype [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.168.1.3:8 -> 192.168.1.2:0

However the timestamp is wrong. The correct timestamp is 03/28/2019-10:27:08.325470. I'm expecting the alert time to match the system time of the server.


At 01:24 on 28/03/19, Jason Taylor wrote:
Can you give us some examples of alert output and then what you expect the time to be?

Are you expecting the alert time to match the system time of the server running suricata?

What type/manufacturer is the network card suricata is using?  Is the network card using hardware or software time-stamping?

JT

On Wed, Mar 27, 2019, 18:25 João Pedro <oladj at live.com.pt> wrote:
Hello.

I'm struggling to adjust time in Suricata IDS. The suricata alerts are
including a wrong timestamp.

How can I configure the time zone in Suricata?

Thanks in advance.
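
A diagnostic sketch for the mismatch described in this thread, added here and not part of the original messages or of Suricata itself: it parses the quoted alert line and checks whether the gap to the expected time looks like a time-zone offset (a multiple of 15 minutes) or an irregular clock drift. The function names, the 5-second tolerance and the operator-supplied UTC offset are assumptions.

```python
import re
from datetime import datetime, timedelta, timezone

# Layout of a fast.log alert line, taken from the alert quoted in the message.
FAST_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}/\d{4}-\d{2}:\d{2}:\d{2}\.\d{6})\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"\[Classification:\s*(?P<classification>[^\]]*)\]\s+"
    r"\[Priority:\s*(?P<priority>\d+)\]\s+"
    r"\{(?P<proto>[^}]+)\}\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s*$"
)
TS_FORMAT = "%m/%d/%Y-%H:%M:%S.%f"
QUARTER_HOUR = timedelta(minutes=15)  # civil UTC offsets in current use are multiples of this


def parse_fast_line(line):
    """Split one alert line into fields; 'ts' becomes a naive datetime
    because the line itself carries no zone information."""
    m = FAST_RE.match(line.strip())
    if m is None:
        raise ValueError("not a fast.log alert line: %r" % line)
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FORMAT)
    return rec


def classify_skew(logged, expected, tolerance=timedelta(seconds=5)):
    """Return (delta, kind) for two naive datetimes describing the same event."""
    delta = expected - logged
    nearest = round(delta / QUARTER_HOUR) * QUARTER_HOUR
    if abs(delta) <= tolerance:
        return delta, "in sync"
    if abs(delta - nearest) <= tolerance:
        return delta, "zone-sized offset"
    return delta, "irregular drift"


def to_utc(naive_ts, utc_offset):
    """Attach an operator-supplied UTC offset (an assumption, not read from
    the log) and convert to UTC for correlation with other sources."""
    return naive_ts.replace(tzinfo=timezone(utc_offset)).astimezone(timezone.utc)


# The alert and the expected time are the ones quoted in the message.
SAMPLE = ("03/28/2019-06:27:08.325470  [**] [1:2100368:7] GPL ICMP_INFO PING BSDtype "
          "[**] [Classification: Misc activity] [Priority: 3] {ICMP} "
          "192.168.1.3:8 -> 192.168.1.2:0")
EXPECTED = datetime(2019, 3, 28, 10, 27, 8, 325470)

if __name__ == "__main__":
    rec = parse_fast_line(SAMPLE)
    print(rec["sid"], rec["msg"], *classify_skew(rec["ts"], EXPECTED))
```

A "zone-sized offset" result points at a difference in zone interpretation between the log writer and the reader rather than an unsynchronised clock; "irregular drift" points at time synchronisation on the host.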
