Date format in Snort

xternal · Apr 20, 2016, 11:41 PM

Hello,
Would it be possible to amend the date format in the Snort GUI to adhere to the pfSense long format that is used in the logs e.g. Apr 13 12:04:31
or provide an option to switch to DD/MM/YY

You crazy Americans with your MM/DD/YY format is so confusing :o :)

bmeeks · Apr 21, 2016, 6:24 PM

Hmm…I don't think Snort itself can be changed, but it's possible I may be able to work on how the GUI displays the alerts in the web interface. I will add that to my feature request list.

Bill

digs · Jun 7, 2016, 1:34 PM

Ooh. Convenient finding this thread as it saves me creating a new one. I've just implemented Snort on pfSense and encountered the same date format issue (In Australia)

I'd also hoped to display in DD/MM/YYYY format. When diagnosing logged alerts you have to remember you're not driving in the left hand lane ;-)

Bill, your suggestion sounds like a feasible workaround for my purposes even though it makes me twitch a little as it's not addressed at root cause. But I understand it's a bigger issue than I can hope to have addressed.

bmeeks · Jul 5, 2016, 3:56 AM

The next update to the Snort GUI package contains a fix to display the date in ISO-8601 format on the ALERTS and BLOCKED tabs. Unfortunately the raw alert log will still be in the U.S. format of MM-DD-YY with the two-digit year. The GUI display format will be YYYY-mm-dd.

This new version will be 3.2.9.1_14 and should show up soon.

Bill

xternal · Jul 5, 2016, 2:38 AM

Thanks Bill!