Storage of date in the flows
Peter Van Epp
vanepp at sfu.ca
Mon Apr 16 15:41:44 EDT 2007
On Mon, Apr 16, 2007 at 02:10:50PM -0500, Aashish Sharma wrote:
> Hello All:
>
> I am wondering how people are handling date storage/retrieval in the flows. Previous versions had date/timestamps but current release only has timestamps by default.
>
> Thanks a lot.
> Aashish Sharma
The timestamp is still in time_t format. The change is in default outputformat and is changeable with the .rarc file as in
RA_TIME_FORMAT
For ra() like clients, this variable is used to override the time for
mat of the timestamp. This string must conform to the format specified
in strftime(). Malformed strings can generate fatal errors, so be
careful with this one.
RA_TIME_FORMAT="%y-%m-%d %T"
from the rarc man page.
Other than that argusarchive archives files in the way it always has
(i.e. by year/month/day/hour).
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
More information about the argus
mailing list