From 5ca983d492bb4bf26aab5c1862f88321a9ed710a Mon Sep 17 00:00:00 2001 From: stuartjash Date: Sat, 17 Sep 2022 17:42:59 -0700 Subject: [PATCH 1/2] fixed timestamps to conform to iso format --- aftermath/Aftermath.swift | 4 ++-- analysis/LogParser.swift | 6 +++--- analysis/ProcessParser.swift | 2 +- filesystem/browsers/Safari.swift | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/aftermath/Aftermath.swift b/aftermath/Aftermath.swift index 17d62d9..ee70049 100644 --- a/aftermath/Aftermath.swift +++ b/aftermath/Aftermath.swift @@ -50,7 +50,7 @@ class Aftermath { let dateFormatter = DateFormatter() dateFormatter.locale = Locale(identifier: "en_US") - dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss" + dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss'Z'" dateFormatter.timeZone = TimeZone(secondsFromGMT: 0) let dateString = dateFormatter.string(from: date as Date) @@ -74,7 +74,7 @@ class Aftermath { dateFormatter.dateFormat = "yyyy-MM-dd HH:mm:ss" if let date = dateFormatter.date(from: timeStamp) { - dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss" + dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss'Z'" let dateString = dateFormatter.string(from: date as Date) return dateString } else { diff --git a/analysis/LogParser.swift b/analysis/LogParser.swift index 01a7748..54cfa6f 100644 --- a/analysis/LogParser.swift +++ b/analysis/LogParser.swift @@ -48,7 +48,7 @@ class LogParser: AftermathModule { sanatizeInfo(&info) guard let dateZone = dateFormatter.date(from: unformattedDate) else { continue } - dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss" + dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss'Z'" let formattedDate = dateFormatter.string(from: dateZone) let text = "\(formattedDate), INSTALL, \(info)" self.addTextToFile(atUrl: logsFile, text: text) @@ -100,7 +100,7 @@ class LogParser: AftermathModule { let unformattedTimestamp = "\(month) \(date) \(currentYear!) \(time)" guard let formatted = dateFormatter.date(from: unformattedTimestamp) else { continue } //Ex: 2022-08-26 00:01:40 UTC - dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss" + dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss'Z'" let dateString = dateFormatter.string(from: formatted) let text = "\(dateString), SYSLOG, \(info)" @@ -141,7 +141,7 @@ class LogParser: AftermathModule { sanatizeInfo(&info) guard let dateZome = dateFormatter.date(from: unformattedDate) else { continue } - dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss" + dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss'Z'" let formattedDate = dateFormatter.string(from: dateZome) let text = "\(formattedDate), XPROTECT_REMEDIATOR, \(info)" self.addTextToFile(atUrl: logsFile, text: text) diff --git a/analysis/ProcessParser.swift b/analysis/ProcessParser.swift index 3880115..9404f10 100644 --- a/analysis/ProcessParser.swift +++ b/analysis/ProcessParser.swift @@ -45,7 +45,7 @@ class ProcessParser: AftermathModule { sanatizeInfo(&info) guard let dateZone = dateFormatter.date(from: unformattedDate) else { continue } - dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss" + dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss'Z'" let formattedDate = dateFormatter.string(from: dateZone) let text = "\(formattedDate), PROCESS, \(info)" self.addTextToFile(atUrl: self.storylineFile, text: text) diff --git a/filesystem/browsers/Safari.swift b/filesystem/browsers/Safari.swift index d149416..fdf7e10 100644 --- a/filesystem/browsers/Safari.swift +++ b/filesystem/browsers/Safari.swift @@ -95,7 +95,7 @@ class Safari: BrowserModule { let dateTimestamp = value as! Date let dateFormatter = DateFormatter() dateFormatter.locale = Locale(identifier: "en_US") - dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss" + dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss'Z'" dateFormatter.timeZone = TimeZone(secondsFromGMT: 0) let dateString = dateFormatter.string(from: dateTimestamp as Date) From 1505b8c6a5dde4947735a2f89bc53590694fa0a1 Mon Sep 17 00:00:00 2001 From: stuartjash Date: Mon, 19 Sep 2022 10:12:57 -0700 Subject: [PATCH 2/2] added z --- aftermath/Aftermath.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aftermath/Aftermath.swift b/aftermath/Aftermath.swift index ee70049..7d762f6 100644 --- a/aftermath/Aftermath.swift +++ b/aftermath/Aftermath.swift @@ -66,7 +66,7 @@ class Aftermath { dateFormatter.timeZone = TimeZone(secondsFromGMT: 0) if let date = dateFormatter.date(from: timeStamp) { - dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss" + dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss'Z'" let dateString = dateFormatter.string(from: date as Date) return dateString }