|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Ogle Ron (Rennes) (OgleR
thmulti.com)Date: Wed Dec 05 2001 - 11:19:00 CST
We are trying to create a centralized log repository for our *nix systems
mostly of Solaris persuasion. The problem is that these systems are located
around the globe in different time zones. We would like the central
repository to collect the logs using GMT/UTC time.
When syslog on the local machine sends a message to the central repository,
it sends the message using it's own local time. This causes a problem when
trying to correlate data. We would like to change all entries in the
central repository to GMT/UTC time.
It doesn't look like there are any switches available on the syslogd or
syslog.conf to make the local machine use GMT/UTC time instead of local time
for log entries. I'm currently looking at modifying the syslogd code to
allow for a switch that would allow the log program to use GMT/UTC time
instead of the local time.
First, is this the right approach to use in changing syslogd?
Second, does anyone have such a program already with source?
Third, it seems that the change should be from using the ctime() call in
syslogd to using a combination of gmtime() and asctime(). Would this be
correct?
Thanks in advance.
Ron Ogle
INFOSEC Engineer
Thomson multimedia
Rennes, France
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]