CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Reverse timestamps where necessary

Browse Source
This commit is contained in:
Wes
2023-09-19 13:28:20 +00:00
parent 5bac1e4d15
commit a1e963f834
1 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
salt/common/tools/sbin_jinja/so-import-evtx
View File

@@ -160,8 +160,18 @@ for EVTX in $INPUT_FILES; do
fi # end of valid evtx
# compare $START to $START_OLDEST
# determine start and end and make sure they aren't reversed
START=$(cat /nsm/import/$HASH/evtx-start_oldest)
END=$(cat /nsm/import/$HASH/evtx-end_newest)
START_EPOCH=`date -d "$START" +"%s"`
END_EPOCH=`date -d "$END" +"%s"`
if [ "$START_EPOCH" -gt "$END_EPOCH" ]; then
TEMP=$START
START=$END
END=$TEMP
fi
# compare $START to $START_OLDEST
START_COMPARE=$(date -d $START +%s)
START_OLDEST_COMPARE=$(date -d $START_OLDEST +%s)
if [ $START_COMPARE -lt $START_OLDEST_COMPARE ]; then
@@ -169,7 +179,6 @@ for EVTX in $INPUT_FILES; do
fi
# compare $ENDNEXT to $END_NEWEST
END=$(cat /nsm/import/$HASH/evtx-end_newest)
ENDNEXT=`date +%Y-%m-%d --date="$END 1 day"`
ENDNEXT_COMPARE=$(date -d $ENDNEXT +%s)
END_NEWEST_COMPARE=$(date -d $END_NEWEST +%s)