rabins zero option

[David]

Perhaps I'm not interpreting the zero option correctly but it does not  
appear to work correctly for me in the following case.  All data is  
sorted by stime already and I am trying to get hourly/daily byte  
counts as suggested in a previous thread.

I run:

$ rabins -M zero time 1h -R ./data/ - port 22

I have tried passing a specific timerange with -t but I do not get  
zero records.  Running in debug mode does not show any of the messages  
which would suggest a zero record had been created.  I have also tried  
both hard and soft options.  I'm definitely not trying to filter on  
src/dst, which I assume might cause problems if used as above.

I'm using the 3.0.2-beta6 clients, should it be possible to get zero  
records as above?  That would greatly help with graphing, as the  
"time" axis would be constant (zeros instead of missing records) no  
matter what port filter I use.

If only Excel wasn't so poor at handling mixed date/time columns  
(OpenOffice manages fine, fortunately).

Thanks again.

David