Timeranges

[Mark Poepping]

The original point of the time-flag was for forensics, basically what Peter
said.  The idea was to identify flows that were 'live' when some event
happened.  It was never intended as a way to segment the data.

I believe the usual response to this had been to suggest that someone write
(though I thought someone already had) a small argus client that splits the
files the way you want.  You want an argus client since you need to parse the
file.  Maybe just rasplit, or for the ambitious, raless:-)..

Mark.