This is very odd. The current local time is 8:45:30 am, Denver/America MST. I have log entries in /var/log/auth.log, /var/log/syslog and /var/log/daemon.log that are dated in the future of that date timestamp… to wit 
note that Aug 3 14:02:32 pm MST is
Aug 3 2:02:30 pm MST…
syslog:Aug 3 14:02:32 whirlpool anacron[4216]: Normal exit (0 jobs run)
syslog:Aug 3 14:02:32 whirlpool systemd[1]: anacron.timer: Adding 31.244387s random time.
syslog:Aug 3 14:05:01 whirlpool CRON[4259]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
syslog:Aug 3 14:15:01 whirlpool CRON[4469]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
syslog:Aug 3 14:17:01 whirlpool CRON[4523]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
the various system daemons that are reporting this information
anacron
avahi-daemon
clamd
colord
CRON
dbus
dhclient
freshclam
kernel:
NetworkManager
nm-dispatcher:
org.kde.powerdevil.backlighthelper:
PackageKit:
sshd
su
systemd
systemd:(subsystems)
systemd-logind
systemd-resolved
systemd-udevd
wpa_supplicant
IPTABLES looks okay… no indication of intrusion, etc. just me logged in normally and as root…
Should I be concerned about this? Is this an indication of malicious activity? OR is this an indication of some software bug or DESIGN??? Curious mind would like to know.
Searching briefly on the 'net resulted in some related topics, but I haven’t looked through these results … just fyi…searching in duckduckgo with the following parameters ?q=unusual+date+timestamps+in+system+log+files+%2Fvar%2Flog%2F*.log&t=ffab&ia=images
My machine environment :
Linux Debian Jessie
zareason laptop
KDE/GNOME desktop
oh, and running a commercial VPN
anything else?
Hi Snookers,
That’s rather odd. Does your
$ date
Output also providing future date?
About configuration: what time sync service do you use? And to what timeservers do it point?
[/s/ Moderators and ambassadors-of-good-will-at-large sorry for going on a bit and off topic, but it was MY topic that started this thread, and I don’t mind my own rambling unless I’m driving down the freeway… which I’m not ATM. …
so.
As I have come to learn, caveat emptor (i.e., me), we have met the enemy and they are us. There turned out to be no discrepancy whatsoever, simply a mis-reading of the facts. Facts don’t lie, that is an oxymoronic statement of no meaning. At any rate what happened was that I saw the earlier time stamp, at the beginning of the log file(s) with a timestamp at a time later on day 1 than the time stamp later in the same file with a timestamp earlier in the day, but not of day 1 but rather of day 2. So the timestamps were recorded within a 24 hour timespan, but across a day boundary, either a noon event or a midnight event, sunrise or sunset… duh. d’oh as our friend and mentor Mr. Homer would be suggesting. Anyway I don’t listen to him much anymore, don’t care for beer all the time, anyway I divirge a bit. Lesson to be learned. Damn, Linux is funner than a barrel of drunk nerds and / or geeks trying to root their way out of the bottom of a sandbox full of green avocado chile dips. Of the animal sort, who would-be-vegetarians. Capish? …
now, on to recreating my contacts ascii-ized database XML file for encrypting my email recipients distribution list after having made my laptop unbootable and NOT recoverable from a live recovery flash-drive. Tricky BIOS secret key activation needed to change boot sequence, timing delay, boot options, and thereby repair harddrive with fubarred boot sector AND partition table gone awry… lesson 2 learned in 2 months… dreading September 11th when it comes around. Historical nonsense Seldon/Asimov notwithstanding.
Hey Snookers,
Misreading timestamps in logfiles is perhaps a lesson we all learn the hard way. I recall raising alarm about a system breach on one of the most critical database servers a few years back. There was a login according to the logs at a date when no authorized admin did log in. Before sending out a full-scale alert to the management I noticed the timestamps of the query span over years - and the login in question was indeed myself, a year before the current one. I’ll remember that one always.
LOL. Lessons learned about the wolf crying “Fire!”. Very embarrasing when it happens, and, of course, even worse when something really really bad happens and you are the only one to discover it, and just in time, IF ONLY PEOPLE WOULD BELIEVE YOU, which of course they won’t because you have no more credibility, AND of course, all you can do is watch a train wreck happen in slow motion, just to your continuing monotonically increasing everlasting horror… and people say anti-miracles never happen…