Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Bug with timestamp. Snort 1.8 and FreeBSD and ACID

From: Borja Marcos <borjamar () sarenet es>
Date: Tue, 19 Jun 2001 16:25:25 +0200
On Tuesday 19 June 2001 03:42, you wrote:

I'm skeptical that ACID garbled that date, since
it read it raw from the database.  More likely is
that this is how the timestamp was written to the
database.  Can you confirm this?

Run something like:

SELECT * FROM event WHERE sid=1 AND cid=3310

What is the format of the date?  Likewise, to
re-iterate the timestamps in the DB should read
12:32:37+02 ?


        You are right ;-) 

snort=> select * from event where sid=1 and cid=3310;
 sid | cid  | signature |       timestamp
-----+------+-----------+------------------------
   1 | 3310 |        40 | 2001-06-19 14:32:39+02
(1 row)

        It seems to be Snort. The database server is PostgreSQL 7.1.2_1.



        Borja.

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: