'--timezone' and '--local' option not working as intended

[mohdaadilf]

Been trying to use the hunt feature and have the output in the local timezone (which is IST for me). The docs are stating that i can use the --local or --timezone <timezone> however neither of these options seem to work for me. The output seems to stay in UTC time.

Additionally, I am unsure what time zones can be provided for the timezone option. Tried inputting "IST", "EDT", "CST" and "ET" to no avail but "UTC" and "GMT" seems to work - but then again the standard output is in UTC so that doesn't make a difference does it. Been wondering if there was a way to help better documentation on this - and if & how I'd be able to help?

[alexkornitzer]

Hey,

Firstly it seems that chrono_tz does not implement IST, hence why that one is not being allowed through the command line (https://github.com/chronotope/chrono-tz/issues/44). So unless we add support to use fixed offsets so +0530 could be handled then a matching timezone like Asia/Colombo would have to be used.

So this output issue is on me cause we never truly validated the timezone code: https://github.com/WithSecureLabs/chainsaw/blob/e47f9ce066960795675a2e45e491d0e52016c05f/src/hunt.rs#L1043-L1044 I'll assign this to me and get is fixed ASAP.

[alexkornitzer]

Right, I think timezone support is now implemented correctly. That should be out soon in the next release.