Raconvert does not produce the same binary output file

[Ngo, John W]

Greetings.  I'm currently having issues with the raconvert tool.  What I'm trying to do is convert an Argus binary file to a Netflow using the ra command. Then I am using raconvert to turn it back to binary, and then use the ra tool on the derived binary file to produce a second netflow file.  I'm comparing both netflow files and I'm noticing significant differences between the two.  Some netflow events appear to match, however most are off by a few flags.  Has anyone tried this and noticed these discrepancies using the raconvert command?  Is there a particular configuration I should be using when generating the first netflow file?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20150916/460b9345/attachment.html>