Fwd: Why the pcap file time different with argus file?

Rahimeh Khodadadi rahimeh.khodadadi at gmail.com
Tue Jul 16 13:06:12 EDT 2013 

Thanks Matt for your reply. But I already had tested the Excel file with
cell formating, it does not change.


On Tue, Jul 16, 2013 at 7:03 PM, Matt Brown <matthewbrown at gmail.com> wrote:

> The time values are floats of unix time.  Use a function to convert them...
>
> Read docs on...
> Mysql's: unix_timestamp(), str_to_date()
>
> Excel: you can use cell formatting.
>
> The date and time are stored as a float of unix time.
>
> Hope this helps.
>
> Matt.
>
>
>
> On Jul 16, 2013, at 7:28 AM, Rahimeh Khodadadi <
> rahimeh.khodadadi at gmail.com> wrote:
>
> The time of Mysql and Excel are like a float number, I want to show time
> format like h:m:s
>
>
> On Tue, Jul 16, 2013 at 3:22 PM, Carter Bullard <carter at qosient.com>wrote:
>
>> MySQL and Excel demand a specific time format.  So what do you expect the
>> time format should be ?
>>
>> Sent from my iPad
>>
>> On Jul 16, 2013, at 6:37 AM, Rahimeh Khodadadi <
>> rahimeh.khodadadi at gmail.com> wrote:
>>
>> But I have red the ra document. when I use ra command the time is ok,
>> just using rasqlinsert it is changed?
>> Please tell me know the reason ??
>>
>>
>> On Tue, Jul 16, 2013 at 2:59 PM, Carter Bullard <carter at qosient.com>wrote:
>>
>>> I'm very sorry, but your questions are so simple that it is clear that
>>> you do not understand the tools.  Please read the man page for ra() before
>>> asking any other questions !!!!
>>>
>>>    % man ra
>>>
>>>
>>>
>>> Sent from my iPad
>>>
>>> On Jul 16, 2013, at 5:33 AM, Rahimeh Khodadadi <
>>> rahimeh.khodadadi at gmail.com> wrote:
>>>
>>> I forgot to say, when I insert the data to mysql or excel the time is
>>> changed. I saw the rarc file the config for time is : %T.%f
>>> Why it happened???
>>>
>>> ---------- Forwarded message ----------
>>> From: Rahimeh Khodadadi <rahimeh.khodadadi at gmail.com>
>>> Date: Tue, Jul 16, 2013 at 1:11 PM
>>> Subject: Why the pcap file time different with argus file?
>>> To: "argus-info at lists.andrew.cmu.edu" <argus-info at lists.andrew.cmu.edu>
>>>
>>>
>>> Hi all,
>>>
>>> I capture traffic with wireshark then covert that to flow by Argus. When
>>> I see both of them, I found that the time of them are diffrent.
>>>
>>> Why and What do I do for slove it??
>>>
>>> whireshark  time                                 stime argus
>>> 12.868672000                                  1373487478.2456
>>>
>>>
>>>
>>>
>>> --
>>> With Best Regards
>>> Rahimeh Khodadadi
>>>
>>>
>>>
>>>
>>> --
>>> With Best Regards
>>> Rahimeh Khodadadi
>>>
>>>
>>
>>
>> --
>> With Best Regards
>> Rahimeh Khodadadi
>>
>>
>
>
> --
> With Best Regards
> Rahimeh Khodadadi
>
>


-- 
With Best Regards
Rahimeh Khodadadi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20130716/ebb88e67/attachment.html>

More information about the argus mailing list