argus timestamps corrupt
Carter Bullard
carter at qosient.com
Fri Sep 27 10:21:49 EDT 2013
Hey Torbjörn,
All timestamps corrupt ?? V9 or V5 ?? If V9, could be a template parsing problem. Can you capture some packets where ra* corrupts, so I can reproduce ??? Need the templates as well, if V9.
Carter
> On Sep 27, 2013, at 6:13 AM, Torbjorn.Wictorin at its.uu.se wrote:
>
> hello,
>
> I am running radium (3.0.7.16) to in order to collect netflow records.
> Timestamps are corrupt, a lot of 1970-01-01 01:00:00 but some others
> also.
>
> Also, I have tried with nfdump/nfsen and this gives reasonable timestamps,
> so I do not think the routers are out-of-order.
>
> If I remember correctly it was some problems with the argus daemon som
> years ago that was fixed with '-s ...', but radium is not libpcap, so
> it cant be that, but maybe some other buffer thing?
>
>
> Any ideas?
>
> Torbjörn Wictorin,
> Uppsala university
More information about the argus
mailing list