https://redmine.openinfosecfoundation.org/https://redmine.openinfosecfoundation.org/favicon.ico?17011170022020-05-04T15:31:57ZOpen Information Security FoundationSuricata - Bug #3690: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamphttps://redmine.openinfosecfoundation.org/issues/3690?journal_id=163452020-05-04T15:31:57ZBryan Jones
<ul></ul><p>This looks like the relevant commit.<br /><a class="external" href="https://github.com/OISF/suricata/commit/b12c53cd51ca1b24039c248f1eab6808d9686e4b">https://github.com/OISF/suricata/commit/b12c53cd51ca1b24039c248f1eab6808d9686e4b</a></p>
<p>Bryan Jones wrote:</p>
<blockquote>
<p>I am running Suricata-5.0.2-1-64bit.exe suricata install on windows. When I try to import the json data into mysql using this tool, <a class="external" href="https://github.com/beave/meer">https://github.com/beave/meer</a>, it fails on windows because the timestamp looks like this "2020-05-04T01:08:06.39502Eastern Daylight Time" In linux it looks like this. "2020-05-04T01:08:06.3950273-0400.</p>
<p>Note I am typing these out because the systems are not on this machine and I can't copy paste between them easily. So ignore minor time error details in case I misstyped</p>
<p>Is this something I can adjust in a config file, if not, can you point me to the code where this is handled so that I can strip out the "Eastern Daylight Time" string from the timestamp?</p>
<p>thanks</p>
</blockquote> Suricata - Bug #3690: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamphttps://redmine.openinfosecfoundation.org/issues/3690?journal_id=163492020-05-05T12:18:10ZVictor Julienvictor@inliniac.net
<ul></ul><p>Some discussion about this here on the MinGW mailinglist: <a class="external" href="https://sourceforge.net/p/mingw/mailman/message/16286257/">https://sourceforge.net/p/mingw/mailman/message/16286257/</a><br />Includes a workaround suggestion.</p> Suricata - Bug #3690: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamphttps://redmine.openinfosecfoundation.org/issues/3690?journal_id=163982020-05-12T20:03:36ZVictor Julienvictor@inliniac.net
<ul><li><strong>Tracker</strong> changed from <i>Support</i> to <i>Bug</i></li><li><strong>Status</strong> changed from <i>New</i> to <i>Assigned</i></li><li><strong>Assignee</strong> set to <i>Victor Julien</i></li><li><strong>Target version</strong> set to <i>6.0.0beta1</i></li><li><strong>Label</strong> <i>Needs backport</i> added</li></ul> Suricata - Bug #3690: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamphttps://redmine.openinfosecfoundation.org/issues/3690?journal_id=163992020-05-12T20:04:02ZVictor Julienvictor@inliniac.net
<ul><li><strong>Label</strong> <i>Needs backport to 4.1, Needs backport to 5.0</i> added</li></ul> Suricata - Bug #3690: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamphttps://redmine.openinfosecfoundation.org/issues/3690?journal_id=164642020-05-25T07:05:07ZVictor Julienvictor@inliniac.net
<ul></ul><p><a class="external" href="https://github.com/OISF/suricata/pull/4976/commits/bbdc11842d324005567bac5eafdea5fd0fc62688">https://github.com/OISF/suricata/pull/4976/commits/bbdc11842d324005567bac5eafdea5fd0fc62688</a></p> Suricata - Bug #3690: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamphttps://redmine.openinfosecfoundation.org/issues/3690?journal_id=164652020-05-25T07:05:16ZVictor Julienvictor@inliniac.net
<ul><li><strong>Status</strong> changed from <i>Assigned</i> to <i>Closed</i></li></ul> Suricata - Bug #3690: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamphttps://redmine.openinfosecfoundation.org/issues/3690?journal_id=164662020-05-25T11:40:46ZJeff Lucovsky
<ul><li><strong>Copied to</strong> <i><a class="issue tracker-1 status-5 priority-4 priority-default closed" href="/issues/3723">Bug #3723</a>: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamp</i> added</li></ul> Suricata - Bug #3690: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamphttps://redmine.openinfosecfoundation.org/issues/3690?journal_id=164682020-05-25T11:41:05ZJeff Lucovsky
<ul><li><strong>Copied to</strong> <i><a class="issue tracker-1 status-5 priority-4 priority-default closed" href="/issues/3724">Bug #3724</a>: eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamp</i> added</li></ul>