In files like /var/log/messages, /var/log/cron and /var/log/secure, this format is used for a time:
Mar 3 20:01:36
This format has few disadvantages
1. Does not include year which sometimes may be needed, mostly when doing long term analysis or some investigation.
2. Does not include timezone which may be important piece when working with system scattered around the globe.
3. It is not standard format. Standard is ISO 8601.
I would propose to change this to defaults to standard format with timezone included.
You can create your custom template for that:
Radovan, thanks, I know about this possibility, but
1. people are ignorant and lazy and usually do not set up their systems up to standards for running global business (UTC, ISO 8601) even in case they do run one or few
2. even more, they are able to set up new systems scattered around globe with here inspired logging time stamps and their only defense when confronted on this is (real quote) e.g.
> We've double-checked on the timestamps, and it's consistent with other syslogs.
> I can't think of a situation where we will look at year-old, or even months-old logs.
Purpose of this ticket is to slash and burn these unfortunate practices.
I agree with you.
I have to discuss that but it is possible to get this into f26. It is not an good idea to change default conf in stable fedoras.
Thank you, Radovan, for your effort on this, I highly appreciate it as I hit problems with this quite often...
I understand and completely agree with the point on stable releases.
I found out that this is not simple as I expected. It will be considered as system wide change which is quite complicated.
Thank you for update.
> It will be considered as system wide change which is quite complicated.
Well, the logging subsystem is system wide important so this is correct.
However the change is worth of it IMHO as current state is not ideal at all.
This System Wide Change was dismissed by FESCO.
Closing this bug...