ausearch how to specify both time and date
5,215
The date and time should be separate arguments:
sudo ausearch --start 05/07/2019 '16:48:07'
I found an example online, but a more careful reader could have seen this in the man page:
-ts, --start [start-date] [start-time]
Search for events with time stamps equal to or after the given
start time. The format of start time depends on your locale. If
the date is omitted, today is assumed. If the time is omitted,
midnight is assumed. Use 24 hour clock time rather than AM or PM
to specify time. An example date using the en_US.utf8 locale is
09/03/2009. An example of time is 18:00:00. The date format
accepted is influenced by the LC_TIME environmental variable.
Notice -ts, --start [start-date] [start-time], clearly there are two optional arguments, not one.
Related videos on Youtube
08 : 11
How to get Date and Time stamps in Axure RP 10 📆
04 : 29
Access Tutorial - Specifying a range of dates or times
03 : 48
How to convert Date from one timezone to another in OIC Integration? fn:adjust-date-to-timezone,XSLT
01 : 41
Unix & Linux: ausearch how to specify both time and date
10 : 04
How To Format Microsoft Access Date/Time Values to Show the Date Only Unless a Time is Specified
Author by
jtpereyda
Maintainer of boofuzz. "If you're going to make a backward-compatibility-breaking change, no time is better than now; things will be worse in the future." Eric Lippert Sharp Regrets: Top 10 Worst C# Features
Updated on September 18, 2022Comments
-
jtpereyda almost 2 years
I can run
ausearchbased on time:sudo ausearch --start '16:48:07'or date:
sudo ausearch --start '05/07/2019'but not both:
> sudo ausearch --start '05/07/2019 16:48:07' Invalid start time (05/07/2019 16:48:07). Hour, Minute, and Second are required.The man page clearly implies that you can specify date or time or both but does not have an example with both.
How does one run
ausearchwith both date and time specified? -
daveespo about 4 yearsThank you very much!
