Security Onion Blog

Wednesday, June 22, 2011

Security Onion and UTC

Sguil uses UTC.  It does this for a few reasons:
  1. UTC avoids any timewarps when changing from standard time to daylight saving time and vice versa.
  2. UTC allows for correlation when sensors are in different time zones.
Because Sguil uses UTC, it is recommended to set your Security Onion timezone to UTC.  Here's how:
echo "Etc/UTC" | sudo tee /etc/timezone
sudo dpkg-reconfigure --frontend noninteractive tzdata
For more information, please see:
at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Search This Blog

Featured Post

Security Onion 2.4.130 now available including Elastic 8.17.3 and much more!

Security Onion 2.4.130 is now available including Elastic 8.17.3 and much more! Elastic 8.17.3 The main focus of this release is upgrading t...

Popular Posts

  • Security Onion 2.4 Base OS
    Introduction Recent events have forced us to change course on the base operating system (OS) for Security Onion 2.4.  On 6/21/2023, Red Hat ...
  • Security Advisory for Squert
    Introduction Jeffrey Medsger reported several command injection and SQL injection vulnerabilities in Squert.  Wes Lambert also discovered s...
  • Community Webinars featuring Security Onion
    Thanks to all who attended the Zeek webinar on May 27! For those weren't able to join, the recording should be available soon and we wi...

Blog Archive