x509.log: certificate.not_valid_before & certificate.not_valid_after

puntogtg · March 17, 2016, 3:33pm

Hello,
in the x509.log normally the values regarding certificate.not_valid_before & certificate.not_valid_after look like:
1444082400.000000 1475791199.000000
I found some value like this:
-3600.000000 2.153226e+09

Is it possible to modify something in order to have 2153226000 instead 2.153226e+09 ?

Thanks

Connetti gratis il mondo con la nuova indoona: hai la chat, le chiamate, le video chiamate e persino le chiamate di gruppo.
E chiami gratis anche i numeri fissi e mobili nel mondo!
Scarica subito l’app Vai su https://www.indoona.com/

Seth_Hall3 · March 22, 2016, 7:42pm

Yep, agreed. Scientific notation in the logs like that is not the desired output. Here's a link to the ticket I filed:
https://bro-tracker.atlassian.net/browse/BIT-1558

.Seth

johanna · March 22, 2016, 8:29pm

Somewhat related - do you happen to have the certificate (or the name of
the site from which the certificate was served)?

I am kind of curious how a negative timestamp managed to happen there...

Johanna

Topic		Replies	Views
When is the file hash value available for the X509 certificate? Zeek	6	83	May 6, 2022
Question about data format of ssl.log files Zeek	10	67	May 6, 2022
Invalid_Server_Cert entries in notice.log Zeek	2	100	May 6, 2022
Problems parsing x509 issuer? Zeek	6	118	May 6, 2022
expire-certs.bro can I get the expiry date too? Zeek	4	67	May 6, 2022

x509.log: certificate.not_valid_before & certificate.not_valid_after

Related topics