Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Postfix: Add note about timestamps #31

Open
miwent opened this issue Jun 12, 2024 · 0 comments
Open

Postfix: Add note about timestamps #31

miwent opened this issue Jun 12, 2024 · 0 comments
Assignees
@miwent
Labels
documentation Improvements or additions to documentation triaged Issue was processed the bug triage meeting.

Comments

@miwent
Copy link
Contributor

miwent commented Jun 12, 2024

Postfix events will include a timestamp that is commonly a legacy syslog format without a year. When parsed and indexed, Opensearch will treat the year as 1970.

In order to address this a processing step was added which reformats the date with the current year. See https://github.com/Graylog2/graylog-project-illuminate/issues/2039.

Add a note about this process, and that the potential exists for the year to be marked incorrectly for the seconds around the changing of the year, or when replaying older logs.
@miwent miwent self-assigned this Jun 12, 2024
@gormanbj gormanbj added documentation Improvements or additions to documentation triaged Issue was processed the bug triage meeting. labels Jun 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@miwent miwent

Labels
documentation Improvements or additions to documentation triaged Issue was processed the bug triage meeting.
Projects
None yet
Milestone
No milestone
Development

When branches are created from issues, their pull requests are automatically linked.

31-postfix-add-note-about-timestamps Graylog2/illuminate-documentation
2 participants
@miwent @gormanbj