[rasplit] stime is zero
Peter Van Epp
vanepp at sfu.ca
Thu Jun 7 22:53:25 EDT 2007
On Thu, Jun 07, 2007 at 09:11:37AM +0200, Robin Gruyters wrote:
> Hello,
>
> This morning I recieved the following message from Argus rasplit command
>
> [...]
> rasplit[14876]: 00:00:04.197296 RaProcessRecord: stime is zero
> [...]
>
> I have run rasplit in debug mode, but I couldn't find any problems with it.
>
> I'm running argus-3.0 (23-05) and argus-client-rc44 (23-05) on FreeBSD 6.2.
>
> Any idea what it can be?
>
> Kind regards,
>
> Robin Gruyters
> Network and Security Engineer
> Yirdis B.V.
> I: http://yirdis.com
> P: +31 (0)36 5300394
> F: +31 (0)36 5489119
>
Try running the argus file through ra and check the time stamps. There
was an argus bug (thought to be fixed now) where some records were getting a
0 time stamp. I haven't seen one in quite a while but that may not mean
anything :-).
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
More information about the argus
mailing list