[Bro] Bro timestamp JSON::TS_ISO8601 - how to get system time in log files
Seth Hall
seth at icir.org
Mon Aug 15 06:21:53 PDT 2016
> On Aug 15, 2016, at 3:34 AM, Aneela Safdar <ansaf_130 at yahoo.com> wrote:
>
> I am using JSON::TS_ISO8601 as time stamp format for json formatted logs. The date part is working fine, i.e. receiving current date but is there any settings for GMT offset as I am not getting the correct time of my timezone. Its even not taking it from my system.
There is no mechanism right now to do anything but UTC in the json output. Are you sure that you want data with timezones? Most people are not served well with this approach since most systems prefer to store everything in UTC internally and change the output time to match whatever the viewer would like.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
More information about the Bro
mailing list