diff --git a/bin/collect_login_data.sh b/bin/collect_login_data.sh
index 455213d..1e27e00 100755
--- a/bin/collect_login_data.sh
+++ b/bin/collect_login_data.sh
@@ -33,15 +33,16 @@ function parseLog()
 	debug="${5}";
 
 	# echo "L: $line";
-
-	auth_date=$(echo "${line}" | cut -c 1-6)" ${start_year} "$(echo "${line}" | cut -c 8-15);
-	auth_date=$(echo "${auth_date}" | date +"%F %T" -f -);
 	# auth user has . at the end, remove that one
 	if [ "${logger}" = "systemd" ]; then
+		# 2022-11-18T20:04:08+0900
+		auth_date=$(echo "${line}" | cut -d " " -f 1);
 		auth_user=$(echo "${line}" | cut -d "]" -f 2 | cut -d " " -f 7 | cut -d "." -f 1);
 	else
+		auth_date=$(echo "${line}" | cut -c 1-6)" ${start_year} "$(echo "${line}" | cut -c 8-15);
 		auth_user=$(echo "${line}" | cut -d ")" -f 2 | cut -d " " -f 6 | cut -d "(" -f 1);
 	fi;
+	auth_date=$(echo "${auth_date}" | date +"%F %T" -f -);
 
 	# echo -n "USER: $auth_user | DATE: $auth_date";
 
@@ -71,9 +72,9 @@ if [ -z "${init_version##*systemd*}" ]; then
 		OPT_START_DATE="-S ${START_DATE}";
 		OPT_END_DATE="-U ${END_DATE}";
 	fi;
-	# READ as other format so we get the YEAR (JSON )
+	# READ as other format so we get the YEAR -o short-iso
 	START_YEAR=$(date +%Y -d "1 day ago");
-	journalctl -u systemd-logind --no-pager ${OPT_START_DATE} ${OPT_END_DATE} | grep ": New session" |
+	journalctl -u systemd-logind --no-pager -o short-iso ${OPT_START_DATE} ${OPT_END_DATE} | grep ": New session" |
 	while read line; do
 		# # Nov 21 14:15:46 we.are.hostname.com systemd-logind[1865]: New session 12345 of user some^user.
 		# date: 5 chars