I'm new on this, so I'll try explain it the best I can do it =).
I'm working with iptables logs system, particulary with the "alleged" field that returns me iptables like float timestamp format.
Oct 2 21:16:40 debian kernel: [11354.641909] Nuevo intento de conexion SSHIN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.168.1.1 DST=192.168.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=19375 DF PROTO=TCP SPT=47913 DPT=22 WINDOW=43690 RES=0x00 SYN URGP=0
It would be the first field in square brackets of the line of code [11354.641909].
When I try to transform this value into a date type from python:
print time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(11354.641909))
I get the following date:
1970-01-01 04:09:14
The date should obtain it is similar to the first fields of the iptables line.
I don't know what I'm doing wrong but I'm going crazy looking everywhere and I can't find an answer to this.
The version of iptables is the v 1.4.21 and my system is a Debian Jessie.
Thanks a lot for the help!
A greeting,
MG
The value is not an epoch timestamp, it's the number of seconds since the boot of your server. More information on how to make this readable: Convert dmesg timestamp to custom date format .