[Sguil-users] Time Zone Settings GMT vs UTC
Status: Beta
Brought to you by:
bamm
Menu
▾
▴
[Sguil-users] Time Zone Settings GMT vs UTC
|
From: Dave C. <sg...@pi...> - 2010-08-27 15:30:42
|
Greetings All,
I have a couple questions regarding what the general consensus for Time Zone settings in a Sguil installment are for eliminating time/date discrepancies when creating transcripts.
1) Should the OS's Time Zone on the senors and servers be set to GMT or UTC?
2) Once the recommendation for the first question has been implemented, what should be configured for the following?
A) log_packets.sh - should "TZ=GMT" be commented out, or modified to match the TZ chosen in question #1?
B) snort_flags - should the "-U" be included?
C) barnyard2.conf - should "config utc" be commented out?
In "civil" discussions UTC and GMT are generally considered to be the same, however, on the OS this does not appear to be the case:
MD5 (/usr/share/zoneinfo/Etc/UTC) = c79354b8dbee09e62bbc3fb544853283
MD5 (/usr/share/zoneinfo/Etc/GMT) = fcccbcf95c718cf2fdee557763e460be
Thanks in advance for helping clear my confusion!
-Dave
|