logging: use ISO-like timestamp in file log

Also update suricata.yaml to show this default, as updating the "default-log-format" does not affect the file output.
3 years ago · 531c4336c9
parent 761e7c2a63
commit 531c4336c9
2 changed files with 2 additions and 1 deletions
--- a/src/util-debug.h
+++ b/src/util-debug.h
@ -74,7 +74,7 @@ typedef enum {
 } SCLogOPType;

 /* The default log_format, if it is not supplied by the user */
-#define SC_LOG_DEF_FILE_FORMAT      "[%i - %m] %t %d: %S: %M"
+#define SC_LOG_DEF_FILE_FORMAT      "[%i - %m] %z %d: %S: %M"
 #define SC_LOG_DEF_LOG_FORMAT_REL   "%D: %S: %M"
 #define SC_LOG_DEF_LOG_FORMAT_RELV  "%d: %S: %M"
 #define SC_LOG_DEF_LOG_FORMAT_RELVV "[%i] %d: %S: %M"
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@ -577,6 +577,7 @@ logging:
      enabled: yes
      level: info
      filename: suricata.log
+      # format: "[%i - %m] %z %d: %S: %M"
      # type: json
  - syslog:
      enabled: no