Security Onion Blog

Wednesday, June 22, 2011

Security Onion and UTC

Sguil uses UTC.  It does this for a few reasons:
  1. UTC avoids any timewarps when changing from standard time to daylight saving time and vice versa.
  2. UTC allows for correlation when sensors are in different time zones.
Because Sguil uses UTC, it is recommended to set your Security Onion timezone to UTC.  Here's how:
echo "Etc/UTC" | sudo tee /etc/timezone
sudo dpkg-reconfigure --frontend noninteractive tzdata
For more information, please see:
at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Search This Blog

Featured Post

Security Onion 2.4 Feature o' the Day - Configure Sensoroni

Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure Sensoroni: You can read more...

Popular Posts

Blog Archive