Feature #1469
openUse ISO 8601 date/time formats
Description
suricata (as of 2.0.7) uses a date format that can be confusing. The log files have the US standard form "mm/dd/yyyy". However, when looking at the output of the "-v" option, the date form is "dd/mm/yyyy", a European preference, using slashes instead of dots. The ambiguity becomes obvious only when the day of month exceeds 12.
The feature request is an option in <suricata.yaml> to select a date format between its current form and an ISO 8601 form; my preference is "2015-05-13T09:00:24".
Reference: <https://en.wikipedia.org/wiki/ISO_8601>
Updated by Andreas Herz almost 9 years ago
- Assignee set to OISF Dev
- Target version set to TBD
Updated by Victor Julien almost 7 years ago
- Status changed from New to Assigned
- Assignee changed from OISF Dev to Richard Sailer
- Target version changed from TBD to 70
I think it would be good to add support for the ISO form in console logging as well. CreateIsoTimeString() can be used in SCLogMessageGetBuffer() in util-debug. The messages are constructed based on a format string which defaults to SC_LOG_DEF_LOG_FORMAT. I would suggest adding a new format specifier.
Updated by Andreas Herz over 5 years ago
- Assignee changed from Richard Sailer to OISF Dev
Updated by Andreas Herz over 5 years ago
- Related to Optimization #1718: Time stamp in Log files should be ISO 8601 format added
Updated by Victor Julien about 4 years ago
- Target version changed from 70 to TBD