Hi Karmeng,
Yes access logs should cater to Daylight savings , reason for that is as the current timestamp in smaccess logs doesn't have the correct offset , for example i am in EST time zone and the access log is printed with (localtime -0500) which does not translate to the correct GMT time.
I am facing a problem when these logs have to parsed through splunk, since the offset is 5 hours , time that is converted from access logs is in future by 1 hour , so we cannot generate the reports properly.
Looking at my LDAP logs those do cater to DST offset if i look at the logs the GMT offset is 4 hours which it should be because of DST.
Thanks