Wrong timestamps in /var/log/messages
Do you have NTP installed??
Are you using a UTC clock with the correct timezone?
Note: Im in Europe ( so i know that im +1 on UTC )
You should only have to set the time correctly (perhaps restarting a daemon or two )
Related videos on Youtube
visola
Updated on September 17, 2022Comments
-
visola over 1 year
The
/var/log/messages
file on an openSUSE 11.2 server shows invalid timestamps. Specifically, the timezone seems to be off for whatever process manages this file. I am unsure whether the times are supposed to be in UTC or in the server's local timezone, but currently they are in neither.Example: UTC time is 8:14, which would be 9:14 in server local time, but a newly added line in
/var/log/messages
has a timestamp of 7:14. I am suspecting this to be the reason fail2ban does not ban anybody.Different processes are adding lines to the log file, for instance cron and sshd, and both have invalid timestamps. The server's time has been updated and the server has not been restarted since, so could this possibly be a reason for the invalid timestamps?
-
visola over 13 yearsWe are using ntpd, though it was added later (neither server nor daemons were restarted since). Which demons would I have to restart to account for the time change?
-
Arenstar over 13 yearsif you type 'date' you should get the right time.. if so.. just restart a daemon thats logging wrong, and test it.. (it might be just simpler if your able to restart the server :D )
-
visola over 13 yearsRestarting the syslog daemon has indeed helped. Thanks!
-
Arenstar over 13 yearsAhhh great :D glad to have helped solved your problems..