Date format in Snort
-
Hello,
Would it be possible to amend the date format in the Snort GUI to adhere to the pfSense long format that is used in the logs, e.g. Apr 13 12:04:31,
or provide an option to switch to DD/MM/YY?
You crazy Americans with your MM/DD/YY format is so confusing :o :)
-
Hmm…I don't think Snort itself can be changed, but it's possible I may be able to work on how the GUI displays the alerts in the web interface. I will add that to my feature request list.
Bill
-
Ooh. Convenient finding this thread as it saves me creating a new one. I've just implemented Snort on pfSense and encountered the same date format issue (in Australia).
I'd also hoped to display in DD/MM/YYYY format. When diagnosing logged alerts you have to remember you're not driving in the left hand lane ;-)
Bill, your suggestion sounds like a feasible workaround for my purposes even though it makes me twitch a little as it's not addressed at root cause. But I understand it's a bigger issue than I can hope to have addressed.
-
The next update to the Snort GUI package contains a fix to display the date in ISO-8601 format on the ALERTS and BLOCKED tabs. Unfortunately the raw alert log will still be in the U.S. format of MM-DD-YY with the two-digit year. The GUI display format will be YYYY-mm-dd.
This new version will be 3.2.9.1_14 and should show up soon.
Bill
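
For anyone who post-processes the raw alert log, which keeps the U.S. date order, the following added example (not code from the Snort package or from this thread) converts its timestamps to the YYYY-mm-dd form. The field layout `MM/DD/YY-HH:MM:SS.ffffff`, the comma-separated sample lines and the function names are assumptions made for illustration.

```python
import re
from datetime import datetime

# Assumed raw timestamp layout: MM/DD/YY-HH:MM:SS.ffffff
# ('/' or '-' is accepted between the date fields).
_TS = re.compile(
    r"^(\d{2})[/-](\d{2})[/-](\d{2})-(\d{2}):(\d{2}):(\d{2})(?:\.(\d{1,6}))?$"
)

def alert_ts_to_iso(raw, century=2000):
    """Convert a U.S.-ordered, two-digit-year timestamp to ISO-8601."""
    m = _TS.match(raw.strip())
    if not m:
        raise ValueError(f"unrecognised timestamp: {raw!r}")
    mm, dd, yy, hh, mi, ss = (int(g) for g in m.groups()[:6])
    usec = int((m.group(7) or "").ljust(6, "0"))
    # datetime() range-checks every field, so a day-first value such as
    # 13/04/14 raises ValueError instead of being silently misread.
    dt = datetime(century + yy, mm, dd, hh, mi, ss, usec)
    return dt.isoformat(sep=" ", timespec="seconds")

def normalise(lines):
    """Return (converted, rejected) for comma-separated alert lines."""
    converted, rejected = [], []
    for line in lines:
        stamp, _, rest = line.partition(",")
        try:
            converted.append(alert_ts_to_iso(stamp) + "," + rest)
        except ValueError:
            rejected.append(line)
    return converted, rejected

# Constructed sample lines, not taken from a real alert log.
SAMPLE = [
    '04/13/14-12:04:31.123456 ,1,1000001,1,"constructed alert A"',
    '12/01/14-23:59:59.000001 ,1,1000002,1,"constructed alert B"',
    '13/04/14-12:04:31.000000 ,1,1000003,1,"day-first stamp, rejected"',
]

if __name__ == "__main__":
    ok, bad = normalise(SAMPLE)
    for line in ok:
        print(line)
    print(f"{len(bad)} line(s) rejected")
```
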
-
Thanks Bill!