Re^3: analyzing data

they are not sorted by time, all i want is to show how long one src_ip spent on particular dest_ip

Comment on Re^3: analyzing data

Replies are listed 'Best First'.
Re^4: analyzing data by Theodore (Hermit) on Apr 23, 2014 at 11:11 UTC
You can't know that. You can know how much time passed between the first and the last packet from a specific src_ip to a specific dst_ip for a specific arbitrary time span or a specific log file. Example: You may have one day's worth of data. There is a packet going from ip A to ip B at 00:01. There is a second packet between A and B at 23:59. Is this (23 hours 58 mins) "how long" ip A spent on ip B?	[reply]

Replies are listed 'Best First'.

Re^4: analyzing data
by Theodore (Hermit) on Apr 23, 2014 at 11:11 UTC

for a specific arbitrary time span or a specific log file

Example: You may have one day's worth of data. There is a packet going from ip A to ip B at 00:01. There is a second packet between A and B at 23:59. Is this (23 hours 58 mins) "how long" ip A spent on ip B?

[reply]