Project

General

Profile

Actions
Copy link

Bug #3690

closed

eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamp

Added by Bryan Jones over 4 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
6.0.0beta1
Affected Versions:
5.0.2
Effort:
Difficulty:
Label:
Needs backport, Needs backport to 4.1, Needs backport to 5.0

Description

I am running Suricata-5.0.2-1-64bit.exe suricata install on windows. When I try to import the json data into mysql using this tool, https://github.com/beave/meer, it fails on windows because the timestamp looks like this "2020-05-04T01:08:06.39502Eastern Daylight Time" In linux it looks like this. "2020-05-04T01:08:06.3950273-0400.

Note I am typing these out because the systems are not on this machine and I can't copy paste between them easily. So ignore minor time error details in case I misstyped

Is this something I can adjust in a config file, if not, can you point me to the code where this is handled so that I can strip out the "Eastern Daylight Time" string from the timestamp?

thanks

Related issues 2 (0 open2 closed)

Copied to Suricata - Bug #3723: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestampClosedVictor JulienActions
Copied to Suricata - Bug #3724: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestampClosedShivani BhardwajActions
Actions
Copy link

Also available in: Atom PDF