Epoch time is the UNIX time reference: a count of seconds starting at January 1, 1970 00:00 UTC.
For example, the Epoch timestamp 1326209437 converts to:
- Human time (your time zone): Tuesday, January 10, 2012 8:30:37 AM
- Human time (GMT): Tue, 10 Jan 2012 15:30:37 UTC
The number representing the time must be at the beginning of the log message, because the regex identifies the first number in the message as the time.
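The first-number rule can be checked against a flat file before it is configured as a log source. The following is an added example, not LogRhythm code: it assumes the first run of digits in a line is what gets read as the time, and the plausibility bounds and sample lines are constructed.

```python
import re
from datetime import datetime, timezone

FIRST_NUMBER = re.compile(r"\d+")   # assumption: first run of digits = the time
MIN_EPOCH = 946684800               # 2000-01-01 00:00:00 UTC (assumed lower bound)
MAX_EPOCH = 4102444800              # 2100-01-01 00:00:00 UTC (assumed upper bound)


def first_number_as_time(line):
    """Return (utc_datetime, None) if the first number is a plausible epoch
    value in seconds, otherwise (None, reason)."""
    match = FIRST_NUMBER.search(line)
    if match is None:
        return None, "no number in line"
    value = int(match.group())
    if value > MAX_EPOCH:
        return None, f"{value} is too large for seconds (milliseconds?)"
    if value < MIN_EPOCH:
        return None, f"first number {value} is not a timestamp"
    return datetime.fromtimestamp(value, tz=timezone.utc), None


def check_lines(lines):
    """Return [(line_number, reason)] for lines that would get a wrong time."""
    problems = []
    for number, line in enumerate(lines, start=1):
        _, reason = first_number_as_time(line)
        if reason:
            problems.append((number, reason))
    return problems


# Constructed sample lines, not taken from a real log source.
SAMPLE = [
    "1326209437 sshd[4212]: Accepted password for alice",
    "sshd[4212]: 1326209437 Accepted password for alice",
    "1326209437123 app: started",
    "service restarted",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(first_number_as_time(line), "<-", line)
```

In the second sample line the process ID 4212 precedes the timestamp, so it is the number that would be taken as the time; the third line carries milliseconds rather than seconds.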
To convert a flat file to Epoch time
- On the main toolbar, click Deployment Manager.
- Click the Log Sources tab.
- In the lower grid, right-click the log source type Syslog File - LogRhythm Syslog Generator, and then click Properties.
- On the Flat File Settings tab, open the Date Format Manager by clicking the ellipsis [...] button after the Date Parsing Format field.
- On the File menu, click New.
- Enter the Name Epoch.
- Enter the Regex pattern <unix> and click OK.
- Select the Epoch date format and click OK.