Version

6.0.2.x, 7.X.

Issue

Reported events for new file are showing up on the Bit9 Console exactly one hour in the past when compared to the time displayed for Date Created on the File Details page. Both endpoint and Bit9 Server are set to (UTC) Universal Coordinated Time (there is no Daylight Savings check-box for this time zone).

Symptoms

The 'Date Created' event appears to be exactly 1 hour ahead of the 'First Seen Date' and 'Last Updated' information on the File Details page.

Cause

The time zones on the Bit9 Server and endpoint may be in sync, but the Bit9 Console must also be set to the matching time zone, not just left as 'automatic'. The 'automatic' setting checks against SQL for the time zone confirmation.

Solution

Open the Bit9 Console. Click on Administration > System Configuration > General > Click on Edit. Use the 'Server Timezone' drop down menu and select the corresponding time zone to correspond with your Bit9 Server and endpoint.

Important Note(s)

Time zone difference might be more than 1 hour, but the concept should still apply. The Bit9 Server, Bit9 Agent and Bit9 Console should all apply matching time zones, taking daylight savings into consideration.

Related Solution(s)

Time discrepancy within the Bit9 Console.