Meraki

Community

MX syslog message format question

Solved
KevinCole
Conversationalist
‎Mar 9 2018 9:27 AM
‎Mar 9 2018 9:27 AM

MX syslog message format question

I'm writing a parser for MX messages. I've read the Syslog Event Types and Log Samples, but haven't found what some of the info is. Many of the messages start with a dotted number that includes the unix epoch, but I don't know what the second half is.

 

For example, on the doc page under "ids-alerts: ids signature matched" there is this sample

 

1377449842.514782056 MX84 ids-alerts signature=129:4:1 priority=3 timestamp=1377449842.512569 direction=ingress protocol=tcp/ip src=74.125.140.132:80

 

The 1377449842 would be "GMT: Sunday, August 25, 2013 4:57:22 PM"

 

But what is the 514782056 part?

 

Thanks.

 

Thanks!

 

 

0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 9 2018 2:14 PM
‎Mar 9 2018 2:14 PM

I think (and could be wrong) that this is a Linux 19 digit time stamp - which allows you to specify times down to a nanosecond.

View solution in original post

2 Replies 2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 9 2018 2:14 PM
‎Mar 9 2018 2:14 PM

I think (and could be wrong) that this is a Linux 19 digit time stamp - which allows you to specify times down to a nanosecond.

In response to PhilipDAth
KevinCole
Conversationalist
‎Mar 9 2018 2:38 PM
‎Mar 9 2018 2:38 PM

Kudos!

 

The epoch, in milliseconds ...

 

The Linux/Ubuntu equivalent is date +%s.%N:
Linux $ date +%s.%N
1403377762.035521859

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.