Hi all,
Any idea why new bro logs epoch timestamp is about 1 hour earlier than the actual clock of the host ?
I am running a cluster and I was wondering how to fix this issue.
Thank you,
B
Is it possible that you are converting timestamps into something readable on a system where the timezone is set differently than you expect? One hour off seems suspicious to me as though it might be a timezone issue (although the unix epoch timestamp doesn't have a timezone built into it so the application of timezone only happens when you do the conversion for viewing).
.Seth