Event Log Timestamp

+1 vote
asked Mar 9 in EventSentry Web Reports by NC (160 points)
Just upgraded to the latest version of ES and all of our event logs appear to be written in GMT. Where is a setting to change this to log local time?

2 Answers

+1 vote
answered Mar 9 by Sally (670 points)
selected Mar 9 by NC
Best answer
Do you mean in the web reports?  If you go into the web reports menu and choose Settings > Preferences, make sure it has the correct time zone listed there (blank time zone = it will use your browser's current time zone) and make sure you save if you change those settings.

It's also possible that your agents write in UTC time but your web reports don't read in UTC time, or vice versa, and that would throw off your searches/display results by a few hours.  You can go into web reports menu under Settings > Profiles, and try to change the "UTC" checkbox in the database settings (click Submit to save) to see if that fixes the timestamps.

If you mean that the timestamps are wrong for email alerts instead, that's really strange and it would be helpful if you had an example such as whether it only happens from certain machines or all machines and so forth.
+1 vote
answered Mar 9 by Steven Flowers (1,440 points)

In the EventSentry management console, could you please check to see under "Global Options" if you see a box "UTC Support Enabled" that is grayed out? Then, in the web reports under "Settings > Profiles", is the box checked for UTC under database? If you saw "UTC Support Enabled" in the management console, please make sure that option is checked. If you didn't see that in the console, please make sure that option is unchecked. Now, you can also check the timezone settings by going to:

http://servername:8080/preferences (replacing servername with the name of your management console server)

Did that resolve your issue or are you still seeing the problem?

commented Mar 9 by NC (160 points)
Thank you. I found UTC was selected under Settings > Profiles > Database Connection. Once I unchecked this, the logs are now logging in local time.
Welcome to EventSentry Q&A, where you can ask questions and receive answers from other members of the community.