[syslog-ng]timestamp issues
todd glassey
todd.glassey@worldnet.att.net
Fri, 3 Aug 2001 16:16:48 -0700
I am in the process of developing a high-security timestamping regiment with
NIST specifically to address the management of time data running inside a
system's clock. This is complete with a PKI infrastructure and it will
create evidentiary content for logging systems and the like.
Todd Glassey
----- Original Message -----
From: "David Douthitt" <ssrat@mailbag.com>
To: <syslog-ng@lists.balabit.hu>
Sent: Friday, August 03, 2001 12:55 PM
Subject: Re: [syslog-ng]timestamp issues
> Mickey Everts wrote:
> >
> > How is it possible to have out of order time stamps? My first thought
would
> > be that somehow the device itself is sending the timestamp.
>
> That is the fact. The syslog entry contains the time from the source
> generating the syslog message.
>
> > Aug 2 15:11:24 ap01.yipes.com KERN: NV:Completed configuration save
> > (secondary) operation
> > Aug 2 15:10:47 t3-0-2-0.jp02.yipes.com mgd[13087]: UI_JUNOSCRIPT_ERROR:
> > junoscript error: syntax error, expecting <command>
> > Aug 2 15:11:26 t3-0-2-0.jp02.yipes.com mgd[13087]:
UI_CMDLINE_READ_LINE:
> > user 'auser', command 'start shell '
>
> In this case, the time on ap01.yipes.com is ahead of that on
> t3-0-2-0.jp02.yipes.com. The best way to fix this is to run NTP
> (Network Time Protocol) on all of the servers; I recommend appointing
> one machine to be ntp.yipes.com, synchronizing it to some Internet NTP
> server, and let your entire company synchronize to ntp.yipes.com.
>
> _______________________________________________
> syslog-ng maillist - syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng