Rick Hofstede | 14 Jun 2013 08:54

nftest usage

Dear all,

In the mailing list archive of March 2008 I found a message talking about "compression in 1.5.7": http://comments.gmane.org/gmane.network.nfsen.general/975

I'm interested in comparing nfdump performance in a setup with and without compression enabled. The
message linked above suggests that nftest could help me to find this out. The message also says "nftest is
only in the src directory and built, when doing a 'make test'". However, I haven't got it to compile yet.
When I run 'make test', make complains about a missing 'test' target.

Does anyone know how to use nftest?

Best regards,

--
Rick Hofstede
Giles Coochey | 5 Jun 2013 16:42

Filter to only see ICMP type 3, code 4 messages

I'm using Nfsen and am trying to view flows that contain icmp type 3 
code 4 messages (Needs fragmenting but DF bit set).

I tried

proto ICMP and icmp[0]=3 and icmp[1]=4

but it doesn't appear to work. Is there a specific filter for that?

-- 
Regards,

Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
giles@...

Fabián Mejía | 28 May 2013 19:55

Fwd: Re: nfdump on Centos 6 problem

Hello everyone

I found the problem.  

The router's configuration had:

interface Loopback0
ip address 10.10.0.1 255.255.255.255
!
interface GigabitEthernet0/0
ip address 192.168.168.20 255.255.255.0
ip flow ingress
!
ip flow-export source loopback0
ip flow-export version 9
ip flow-export destination 192.168.168.10 9996

The Centos interface configuration:

# ifconfig eth2
          inet addr:192.168.168.10  Bcast:192.168.168.255  Mask:255.255.255.0


Gi0/0 on the router and eth2 on the CentOS box are in the same network. In order to test, in the router configuration I changed it to:

ip flow-export source GigabitEthernet0/0

and nfdump saves data now.  

The problem is solved, but I don't understand why that happens; CentOS can ping both interfaces.

# ping 10.10.0.1
PING 10.10.0.1 (10.10.0.1) 56(84) bytes of data.
64 bytes from 10.10.0.1: icmp_seq=1 ttl=254 time=7.09 ms
64 bytes from 10.10.0.1: icmp_seq=2 ttl=254 time=10.0 ms

# ping 192.168.168.20
PING 192.168.168.20 (192.168.168.20) 56(84) bytes of data.
64 bytes from 192.168.168.20: icmp_seq=1 ttl=255 time=98.7 ms
64 bytes from 192.168.168.20: icmp_seq=2 ttl=255 time=45.3 ms

Thanks

Regards, Fabián

On 2013-05-24 02:35, Evgheni Dereveanchin wrote:

Hi Fabian,

 

I use nfdump 1.6.10 & nfsen 1.3.6-p1 on CentOS 6 minimal without any issues.

 

The preparation steps are:

1)      yum install httpd php wget gcc make rrdtool-devel flex byacc

2)      edit /etc/selinux/config – set SELINUX=disabled

3)      iptables -I INPUT -p udp -m state --state NEW -m udp --dport 9995 -j ACCEPT

change the port to the one you need ^

4)      /etc/init.d/iptables save

5)      chkconfig httpd on

6)      Reboot the machine to disable SElinux completely.

7)      Install nfdump and nfsen

8)      Start nfsen, open it in web browser

 

Regards,

Evgheni

 

From: Fabián Mejía [mailto:ing.fabianmejia-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org]
Sent: 23 May 2013 18:19
To: nfdump-discuss-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Subject: [Nfdump-discuss] nfdump on Centos 6 problem

 

Hello all

I installed nfdump-1.6.10 and nfsen-1.3.6p1 on CentOS 6, starting from a minimal installation. Afterwards, all dependencies were installed with yum from the regular CentOS repository and some packages from the EPEL repository (flow-tools).
My router is sending NetFlow data to UDP port 9996.
nfsen seems to work well; I can see graphs from the live profile, but without data.
I think nfdump does not work well, because iptables and ip6tables are stopped on the server, SELinux is in disabled mode and tcpdump shows received packets, but nfdump saves empty files:

# tcpdump -i eth2 -n udp port 9996
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
15:57:28.220558 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 72
15:57:55.213269 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 168
15:58:22.229552 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 168
15:58:49.207766 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 168
15:59:16.194815 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 120
15:59:28.197556 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 120

# ls -al
total 96
drwxr-xr-x. 2 apache apache 4096 may 22 16:25 .
drwxrwxr-x. 3 apache apache 4096 may 22 16:25 ..
-rw-r--r--. 1 apache apache  276 may 22 14:40 nfcapd.201305221435
-rw-r--r--. 1 apache apache  276 may 22 14:45 nfcapd.201305221440
-rw-r--r--. 1 apache apache  276 may 22 14:50 nfcapd.201305221445
-rw-r--r--. 1 apache apache  276 may 22 14:55 nfcapd.201305221450
-rw-r--r--. 1 apache apache  276 may 22 15:00 nfcapd.201305221455
-rw-r--r--. 1 apache apache  276 may 22 15:05 nfcapd.201305221500
-rw-r--r--. 1 apache apache  276 may 22 15:10 nfcapd.201305221505
-rw-r--r--. 1 apache apache  276 may 22 15:15 nfcapd.201305221510
-rw-r--r--. 1 apache apache  276 may 22 15:20 nfcapd.201305221515
-rw-r--r--. 1 apache apache  276 may 22 15:25 nfcapd.201305221520
-rw-r--r--. 1 apache apache  276 may 22 15:30 nfcapd.201305221525
-rw-r--r--. 1 apache apache  276 may 22 15:35 nfcapd.201305221530
-rw-r--r--. 1 apache apache  276 may 22 15:40 nfcapd.201305221535
-rw-r--r--. 1 apache apache  276 may 22 15:45 nfcapd.201305221540
-rw-r--r--. 1 apache apache  276 may 22 15:50 nfcapd.201305221545
-rw-r--r--. 1 apache apache  276 may 22 15:55 nfcapd.201305221550
-rw-r--r--. 1 apache apache  276 may 22 16:00 nfcapd.201305221555
-rw-r--r--. 1 apache apache  276 may 22 16:05 nfcapd.201305221600
-rw-r--r--. 1 apache apache  276 may 22 16:10 nfcapd.201305221605
-rw-r--r--. 1 apache apache  276 may 22 16:15 nfcapd.201305221610
-rw-r--r--. 1 apache apache  276 may 22 16:20 nfcapd.201305221615
-rw-r--r--. 1 apache apache  276 may 22 16:25 nfcapd.201305221620


# nfdump -r nfcapd.201305221620 'any'
Date first seen          Duration Proto      Src IP Addr:Port          Dst IP Addr:Port   Packets    Bytes Flows
No matched flows


I found this similar issue on this list, but it is not solved:

http://sourceforge.net/mailarchive/forum.php?thread_name=1364867767.65514.YahooMailNeo%40web122006.mail.ne1.yahoo.com&forum_name=nfdump-discuss

Does anybody know the solution?

Any help is welcome.


Regards,

 

Fabián




_______________________________________________
Nfdump-discuss mailing list
Nfdump-discuss@...
https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
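The symptom in this thread (exporter packets visible in tcpdump, nfcapd files written every five minutes but containing no flow records) is what a NetFlow v9 collector produces when it receives packets it will not decode. The decoder below is an added example written from the RFC 3954 packet layout; it is not nfdump code and not part of the thread. It shows the two collector-side conditions that both end that way: data FlowSets arriving before the template that describes them (v9 data is opaque until the matching template has been seen, and templates are scoped per exporter address and source id), and packets arriving from an exporter address the collector was not told about. The second matches Fabián's resolution: with `ip flow-export source loopback0` the packets came from 10.10.0.1, not from the Gi0/0 address on the collector's subnet. The allow-list in the example is an assumption about how the collector side was configured, not a statement about nfcapd internals. The check is worth having regardless: NetFlow over UDP is unauthenticated, so any host that can reach port 9996 can inject records, and binding a source to an exporter address is the one cheap check a collector has. The template uses the RFC 3954 field type numbers (8 IPV4_SRC_ADDR, 12 IPV4_DST_ADDR, 7 L4_SRC_PORT, 11 L4_DST_PORT, 4 PROTOCOL, 2 IN_PKTS, 1 IN_BYTES); the packets, the header values and the one flow record are constructed.

```python
import socket
import struct

# RFC 3954 field type numbers used by the constructed template below.
FIELD_NAMES = {1: "in_bytes", 2: "in_pkts", 4: "proto", 7: "src_port",
               8: "src_addr", 11: "dst_port", 12: "dst_addr"}
TEMPLATE_FIELDS = [(8, 4), (12, 4), (7, 2), (11, 2), (4, 1), (2, 4), (1, 4)]


class V9Collector:
    """Minimal NetFlow v9 decoder. Templates are scoped by
    (exporter address, source id, template id), as a real collector must
    scope them; exporters not on the allow-list are dropped unread."""

    def __init__(self, allowed_exporters):
        self.allowed = set(allowed_exporters)
        self.templates = {}
        self.dropped = []            # (exporter, reason) for undecoded packets

    def feed(self, exporter, packet):
        """Decode one UDP payload from `exporter`; returns a list of flows."""
        if exporter not in self.allowed:
            self.dropped.append((exporter, "unknown exporter"))
            return []
        version, _count, _uptime, _secs, _seq, source_id = struct.unpack("!HHIIII", packet[:20])
        if version != 9:
            self.dropped.append((exporter, f"version {version}"))
            return []
        flows, off = [], 20
        while off + 4 <= len(packet):
            fs_id, fs_len = struct.unpack("!HH", packet[off:off + 4])
            if fs_len < 4:
                break                # malformed; never loop on a zero length
            body = packet[off + 4:off + fs_len]
            if fs_id == 0:           # template FlowSet
                self._learn(exporter, source_id, body)
            elif fs_id >= 256:       # data FlowSet; the id names the template
                tmpl = self.templates.get((exporter, source_id, fs_id))
                if tmpl is None:
                    self.dropped.append((exporter, f"no template {fs_id}"))
                else:
                    flows.extend(self._records(tmpl, body))
            off += fs_len
        return flows

    def _learn(self, exporter, source_id, body):
        off = 0
        while off + 4 <= len(body):
            tid, nfields = struct.unpack("!HH", body[off:off + 4])
            fields = [struct.unpack("!HH", body[off + 4 + 4 * i:off + 8 + 4 * i])
                      for i in range(nfields)]
            self.templates[(exporter, source_id, tid)] = fields
            off += 4 + 4 * nfields

    @staticmethod
    def _records(fields, body):
        rec_len = sum(flen for _, flen in fields)
        flows, off = [], 0
        while off + rec_len <= len(body):     # trailing bytes are padding
            rec = {}
            for ftype, flen in fields:
                raw = body[off:off + flen]
                rec[FIELD_NAMES.get(ftype, f"field{ftype}")] = (
                    socket.inet_ntoa(raw) if ftype in (8, 12) else int.from_bytes(raw, "big"))
                off += flen
            flows.append(rec)
        return flows


# --- constructed exporter side (sysUptime / unixSecs values are arbitrary) ---
def v9_header(count, source_id, seq=1):
    return struct.pack("!HHIIII", 9, count, 123456, 1369324800, seq, source_id)

def template_packet(source_id, tid, fields):
    body = struct.pack("!HH", tid, len(fields)) + b"".join(struct.pack("!HH", t, l) for t, l in fields)
    return v9_header(1, source_id) + struct.pack("!HH", 0, 4 + len(body)) + body

def data_packet(source_id, tid, fields, records):
    body = b""
    for rec in records:
        for ftype, flen in fields:
            v = rec[ftype]
            body += socket.inet_aton(v) if ftype in (8, 12) else v.to_bytes(flen, "big")
    body += b"\0" * (-len(body) % 4)          # pad the FlowSet to a 4-byte boundary
    return v9_header(len(records), source_id) + struct.pack("!HH", tid, 4 + len(body)) + body

def demo():
    # One invented flow: the router's Gi0/0 address talking to the collector.
    rec = {8: "192.168.168.20", 12: "192.168.168.10", 7: 60709, 11: 9996, 4: 17, 2: 6, 1: 720}
    tmpl = template_packet(1, 256, TEMPLATE_FIELDS)
    data = data_packet(1, 256, TEMPLATE_FIELDS, [rec])
    coll = V9Collector(allowed_exporters={"192.168.168.20"})
    early = coll.feed("192.168.168.20", data)        # data before its template: nothing decodable
    coll.feed("192.168.168.20", tmpl)
    ok = coll.feed("192.168.168.20", data)           # template known: one flow
    loop = V9Collector(allowed_exporters={"192.168.168.20"})
    loop.feed("10.10.0.1", tmpl)                     # same router, exporting from Loopback0
    from_loopback = loop.feed("10.10.0.1", data)     # never reaches the decoder
    return {"early": early, "ok": ok, "from_loopback": from_loopback,
            "drops": coll.dropped + loop.dropped}
```

Both failure paths leave `dropped` entries behind; a real collector should log those, since "packets arrive, files stay empty" is otherwise a silent condition, as the thread shows.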
Fabián Mejía | 23 May 2013 17:19

nfdump on Centos 6 problem

Hello all

I installed nfdump-1.6.10 and nfsen-1.3.6p1 on CentOS 6, starting from a minimal installation. Afterwards, all dependencies were installed with yum from the regular CentOS repository and some packages from the EPEL repository (flow-tools).
My router is sending NetFlow data to UDP port 9996.
nfsen seems to work well; I can see graphs from the live profile, but without data.
I think nfdump does not work well, because iptables and ip6tables are stopped on the server, SELinux is in disabled mode and tcpdump shows received packets, but nfdump saves empty files:

# tcpdump -i eth2 -n udp port 9996
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
15:57:28.220558 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 72
15:57:55.213269 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 168
15:58:22.229552 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 168
15:58:49.207766 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 168
15:59:16.194815 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 120
15:59:28.197556 IP 10.10.0.1.60709 > 192.168.168.10.palace-5: UDP, length 120

# ls -al
total 96
drwxr-xr-x. 2 apache apache 4096 may 22 16:25 .
drwxrwxr-x. 3 apache apache 4096 may 22 16:25 ..
-rw-r--r--. 1 apache apache  276 may 22 14:40 nfcapd.201305221435
-rw-r--r--. 1 apache apache  276 may 22 14:45 nfcapd.201305221440
-rw-r--r--. 1 apache apache  276 may 22 14:50 nfcapd.201305221445
-rw-r--r--. 1 apache apache  276 may 22 14:55 nfcapd.201305221450
-rw-r--r--. 1 apache apache  276 may 22 15:00 nfcapd.201305221455
-rw-r--r--. 1 apache apache  276 may 22 15:05 nfcapd.201305221500
-rw-r--r--. 1 apache apache  276 may 22 15:10 nfcapd.201305221505
-rw-r--r--. 1 apache apache  276 may 22 15:15 nfcapd.201305221510
-rw-r--r--. 1 apache apache  276 may 22 15:20 nfcapd.201305221515
-rw-r--r--. 1 apache apache  276 may 22 15:25 nfcapd.201305221520
-rw-r--r--. 1 apache apache  276 may 22 15:30 nfcapd.201305221525
-rw-r--r--. 1 apache apache  276 may 22 15:35 nfcapd.201305221530
-rw-r--r--. 1 apache apache  276 may 22 15:40 nfcapd.201305221535
-rw-r--r--. 1 apache apache  276 may 22 15:45 nfcapd.201305221540
-rw-r--r--. 1 apache apache  276 may 22 15:50 nfcapd.201305221545
-rw-r--r--. 1 apache apache  276 may 22 15:55 nfcapd.201305221550
-rw-r--r--. 1 apache apache  276 may 22 16:00 nfcapd.201305221555
-rw-r--r--. 1 apache apache  276 may 22 16:05 nfcapd.201305221600
-rw-r--r--. 1 apache apache  276 may 22 16:10 nfcapd.201305221605
-rw-r--r--. 1 apache apache  276 may 22 16:15 nfcapd.201305221610
-rw-r--r--. 1 apache apache  276 may 22 16:20 nfcapd.201305221615
-rw-r--r--. 1 apache apache  276 may 22 16:25 nfcapd.201305221620


# nfdump -r nfcapd.201305221620 'any'
Date first seen          Duration Proto      Src IP Addr:Port          Dst IP Addr:Port   Packets    Bytes Flows
No matched flows


I found this similar issue on this list, but it is not solved:

http://sourceforge.net/mailarchive/forum.php?thread_name=1364867767.65514.YahooMailNeo%40web122006.mail.ne1.yahoo.com&forum_name=nfdump-discuss

Does anybody know the solution?

Any help is welcome.

Regards, Fabián
Ryan Harden | 20 May 2013 17:48

nfdump cluster question

Has anyone written a method for distributing nfdump query processing to a compute cluster?
We have a compute cluster (Condor based) that I'd like to utilize when processing nfdump data.

From what I understand, some sort of wrapper would be required that would instruct N compute
nodes to map certain data files, process them and return values; then another process would aggregate the
values based on the original request and generate the output the user was looking for.

Perhaps I'm thinking about this all wrong?

Thoughts? Comments?

/Ryan

Ryan Harden
Senior Network Engineer
University of Chicago - AS160
P: 773-834-5441

Peter Haag | 17 May 2013 12:10

nfdump-1.6.10 released

Hi List,
Just to let you know - 1.6.10 is out:

Maintenance/bugfix release.
You should update if you use IPFIX or ASA/NSEL.

- Fix SPARC compile/optimise bug
- Add output packet/bytes counter to global stat for NSEL flows ASA > 8.5
  Fixes stat problems in NfSen
- Add NSEL filter option xnet
- Modify extension descriptor code for nfdump 1.7.
  Still uses the 1.6 extension map layout for compatibility
- Add prototype for nfpcapd - pcap -> nfdump collector.
  Converts traffic directly to nfdump files. - experimental - not enabled
- Fix bug in ipfix module: uninitialised variable
- Cleanup syslog/LogError calls
- Fix minor non-critical bugs and compile issues

	- Peter
--
Be nice to your netflow data

marcello pisano | 15 May 2013 12:57

[nfdump 1.6.9] -- Dst IP option remove IP SOURCE

Hello to all,

I did an upgrade from nfdump 1.6.3 to 1.6.9. I often use the option "-A" to aggregate flows, but after the upgrade, if I use that option, the source address of all flows becomes this:


[root@test2 15]# nfdump  -r nfcapd.201305151054  -a  -A dstip -o extended -c 2

Date first seen          Duration Proto           Src IP Addr:Port          Dst IP Addr:Port   Flags Tos  Packets    Bytes      pps      bps    Bpp Flows
2013-05-15 10:53:59.903    59.077     0          0.0.0.0:0         ->        224.0.0.1:0     ......   0      250    71370        4     9664    285   176
2013-05-15 10:54:00.900    58.000     0          0.0.0.0:0         ->    172.16.50.212:0     ......   0       59     7744        1     1068    131    59

If I don't use that option, the result is:

[root@test2 15]# nfdump  -r nfcapd.201305151054  -a  -o extended -c 2

Date first seen          Duration Proto      Src IP Addr:Port          Dst IP Addr:Port   Flags Tos  Packets    Bytes      pps      bps    Bpp Flows
2013-05-15 10:53:59.928    48.972 UDP      172.16.50.221:137   ->    172.16.51.255:137   ......   0       43     3354        0      547     78    43
2013-05-15 10:54:00.900    58.000 ICMP     172.16.50.217:0     ->    172.16.50.212:3.3   ...... 192       59     7744        1     1068    131    59



Does anyone know whether this is normal behaviour of the new version of nfdump, or whether it could be a problem?

Thank you all
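One added example serves two of the posts above and is not code from nfdump, from NfSen or from either poster. For the "-A dstip" question: an aggregation key names the fields records are merged on, and every field that is not in the key is no longer meaningful for the merged line, which is why the "-A dstip" output above shows 0.0.0.0 as source and 0 as protocol while the counters and the Flows column are the sums over everything sent to that destination. The aggregate() function below mirrors that rule literally by dropping non-key fields. For Ryan's cluster question: the same aggregate is the map step, one per nfcapd file, and merge() is the reduce step; the part that is easy to get wrong is shown in naive_top(): if each node returns only its own top-N, the reducer can crown the wrong host, because a destination that is second on every node can still be first overall. Nodes have to return their full per-key partial sums (or at least a superset wide enough to bound the error). The per-node invocation in the comment (nfdump -q -r <file> -o 'fmt:%sa,%da,%pr,%pkt,%byt') is my assumed command line; the sample output is constructed, shaped after the addresses in the "-A" thread, and stands in for what subprocess would read from nfdump on a real node.

```python
from concurrent.futures import ThreadPoolExecutor

# Constructed stand-in for per-node nfdump output, one file per 5-minute slot.
# Each line is srcaddr,dstaddr,proto,packets,bytes as the assumed fmt string
# would print it.
SAMPLE_OUTPUT = {
    "nfcapd.201305151050": (
        "172.16.50.221,172.16.51.255,UDP,43,3354\n"
        "172.16.50.217,172.16.50.212,ICMP,59,7744\n"
        "172.16.50.3,224.0.0.1,UDP,100,30000\n"),
    "nfcapd.201305151055": (
        "172.16.50.221,172.16.50.212,UDP,50,9000\n"
        "172.16.50.4,224.0.0.1,UDP,120,36000\n"
        "172.16.50.5,224.0.0.1,UDP,30,5370\n"),
    "nfcapd.201305151100": (
        "172.16.50.6,224.0.0.1,IGMP,5,300\n"
        "172.16.50.217,172.16.50.212,ICMP,200,60000\n"
        "172.16.50.7,172.16.50.212,UDP,1,100\n"),
}

def run_nfdump(path):
    # On a real node (assumed invocation):
    #   subprocess.run(["nfdump", "-q", "-r", path, "-o", "fmt:%sa,%da,%pr,%pkt,%byt"],
    #                  capture_output=True, text=True, check=True).stdout
    return SAMPLE_OUTPUT[path]

def parse(text):
    for line in text.splitlines():
        sa, da, pr, pkt, byt = line.split(",")
        yield {"sa": sa, "da": da, "pr": pr, "pkt": int(pkt), "byt": int(byt)}

def aggregate(records, key):
    """Mirror of `nfdump -a -A <key>`: merge on the key fields only, sum the
    counters, count merged records in 'flows', and drop every non-key field
    (nfdump prints those as 0 / 0.0.0.0 because they have no single value)."""
    out = {}
    for r in records:
        k = tuple(r[f] for f in key)
        a = out.get(k)
        if a is None:
            a = out[k] = {f: r[f] for f in key}
            a.update(pkt=0, byt=0, flows=0)
        a["pkt"] += r["pkt"]
        a["byt"] += r["byt"]
        a["flows"] += 1
    return out

def merge(partials):
    """Reduce step: partial aggregates on the same key add up exactly."""
    total = {}
    for part in partials:
        for k, a in part.items():
            t = total.setdefault(k, dict(a, pkt=0, byt=0, flows=0))
            t["pkt"] += a["pkt"]
            t["byt"] += a["byt"]
            t["flows"] += a["flows"]
    return total

def map_file(path, key):
    return aggregate(parse(run_nfdump(path)), key)

def distributed(paths, key, workers=3):
    """Map every file on a worker, then merge; threads stand in for cluster nodes."""
    with ThreadPoolExecutor(max_workers=workers) as ex:
        partials = list(ex.map(lambda p: map_file(p, key), paths))
    return merge(partials)

def top(agg, n, by="byt"):
    return sorted(agg.values(), key=lambda a: a[by], reverse=True)[:n]

def naive_top(paths, key, n, by="byt"):
    """The wrong decomposition: each node keeps only its own top-n before the merge."""
    partials = []
    for p in paths:
        best = top(map_file(p, key), n, by)
        partials.append({tuple(a[f] for f in key): a for a in best})
    return top(merge(partials), n, by)
```

On the sample data the correct top destination by bytes is 172.16.50.212 (76844 bytes over four flows); naive_top() reports 224.0.0.1 instead, because 172.16.50.212 wins only one of the three files. Sums, counts, minima and maxima all merge this way; anything that is a top-N, a percentile or a distinct count needs the full per-key partials or a dedicated sketch.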
Tomas Podermanski | 14 May 2013 14:37

Perl module for working with nfdump files

Hi nfdump community,

    As nfdump is a great tool, we desperately missed the additional
functionality that would allow us either to modify or to create the records in those
files. So we decided to develop our own Perl module. After using it in
several of our projects we decided to publish the module to the whole community.
The module is available via the CPAN site
(http://search.cpan.org/~tpoder/Net-NfDump/lib/Net/NfDump.pm). It uses
standard DBI-like conventions, so it should be quite easy to use. Maybe
someone will find it useful.

Best regards
    Tomas

David Walsh | 7 May 2013 02:44

vSphere 5.1 distributed switch to nfcapd with IPFIX

Hi,
     I have some vSphere 5.1 VDSs sending IPFIX NetFlow to our nfsen server (nfsen v1.3.5).

I am running nfdump version 1.6.9 with the IPFIX patch posted on this list on 13/4/2013 by Peter.

I am receiving the NetFlow data, and below is the output in raw form after I applied the patch. You will notice
that "first" and "last" are set to 1970-01-01 10:00:00. There is an up-to-date time in the last variable of
the packet, "received at".

NfSen can read the data and it is correct (I compared it to data we pull via SNMP); however NfSen/nfdump are
formatting the data with timestamps of 1970-01-01 10:00:00 instead of the actual time.

I notice this has been raised on various sites, but I have not seen a fix. I don't mind testing some patches if
they become available to fix up this timestamp issue.

# nfdump -M /opt/data/nfsen/profiles-data/live/netflow-vds-vsh -R 2013/05/03/nfcapd.201305031040 -c 100 -o raw

Flow Record: 
  Flags        =              0x06 FLOW, Unsampled
  export sysid =                 2
  size         =                72
  first        =                 0 [1970-01-01 10:00:00]
  last         =                 0 [1970-01-01 10:00:00]
  msec_first   =                 0
  msec_last    =                 0
  src addr     =    110.175.94.222
  dst addr     =      192.168.64.6
  src port     =             58464
  dst port     =               443
  fwd status   =               157
  tcp flags    =              0x00 ......
  proto        =                 6
  (src)tos     =                 0
  (in)packets  =                 9
  (in)bytes    =              1500
  input        =              1678
  output       =              1799
  ip router    =         10.1.4.39
  received at  =     1367541600163 [2013-05-03 10:40:00.163]

Flow Record: 
  Flags        =              0x06 FLOW, Unsampled
  export sysid =                 2
  size         =                72
  first        =                 0 [1970-01-01 10:00:00]
  last         =                 0 [1970-01-01 10:00:00]
  msec_first   =                 0
  msec_last    =                 0
  src addr     =     101.163.67.76
  dst addr     =      192.168.64.6
  src port     =              2735
  dst port     =               443
  fwd status   =               255
  tcp flags    =              0x00 ......
  proto        =                 6
  (src)tos     =                 0
  (in)packets  =                 1
  (in)bytes    =                40
  input        =              1678
  output       =              1799
  ip router    =         10.1.4.39
  received at  =     1367541600163 [2013-05-03 10:40:00.163]

Kind Regards,
                          David
R.J.Hofstede | 6 May 2013 07:37

UNIX timestamps without using '-o pipe'

Dear Peter,

It would be really useful to have an nfdump output format (e.g. to use with '-o fmt:') that allows outputting
UNIX timestamps for flow record start and end times. To the best of my knowledge, outputting UNIX
timestamps is currently only possible using '-o pipe'. However, this output format provides far more
information than we need.

We plan to use this in an NfSen plugin, where we would like to parse a few fields from the nfdump files,
including start and end times as UNIX timestamps.

Would it be possible to include something like this in an upcoming version of nfdump?

Kind regards,

--
Rick Hofstede
University of Twente, The Netherlands
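An added example, not code from nfdump, NfSen or either poster, that serves two questions on this page: Rick's wish to get UNIX timestamps out of the text output, and Giles' ICMP type 3 code 4 filter. It parses the `-o extended` column layout exactly as printed in the "-A dstip" thread above (the sample lines are constructed in that layout; the first two are copied from that thread, the other two are invented). Two details matter for anyone doing this in a plugin. First, nfdump prints the collector's local time with no zone marker, so the converter must be told the zone; the "received at = 1367541600163 [2013-05-03 10:40:00.163]" pair in David's raw dump only agrees for a host at UTC+10, which the test below uses as a check. Second, for ICMP nfdump shows type.code in the destination port column (172.16.50.212:3.3 above) because the raw record packs them into the port field as type*256+code; the parser undoes that so type and code can be matched directly. The `icmp[0]=3` form Giles tried is pcap/BPF syntax, which nfdump's filter language does not accept; its own keywords for this are in NFDUMP_FILTER. The parser expects plain numbers in the counter columns; nfdump scales large counters (e.g. "1.2 M") unless told not to, which if I remember the option correctly is -N in 1.6.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample in the `-o extended` layout shown on this page:
# Date first seen, Duration, Proto, Src:Port, ->, Dst:Port, Flags, Tos,
# Packets, Bytes, pps, bps, Bpp, Flows  (15 whitespace-separated columns).
SAMPLE = """\
2013-05-15 10:53:59.928    48.972 UDP      172.16.50.221:137   ->    172.16.51.255:137   ......   0       43     3354        0      547     78    43
2013-05-15 10:54:00.900    58.000 ICMP     172.16.50.217:0     ->    172.16.50.212:3.3   ...... 192       59     7744        1     1068    131    59
2013-05-15 10:54:02.100     0.000 ICMP     172.16.50.1:0       ->    172.16.50.212:3.4   ......   0        1      576        0        0    576     1
2013-05-15 10:54:03.000     0.000 ICMP     172.16.50.9:0       ->    172.16.50.212:8.0   ......   0        1       84        0        0     84     1
"""

EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)

def to_epoch_ms(text, tz=timezone.utc):
    """'YYYY-MM-DD HH:MM:SS.mmm' as printed by nfdump -> integer UNIX ms.
    nfdump prints local time with no zone, so the caller names the zone."""
    dt = datetime.strptime(text, "%Y-%m-%d %H:%M:%S.%f").replace(tzinfo=tz)
    return (dt - EPOCH) // timedelta(milliseconds=1)   # exact integer division

def split_endpoint(ep, proto):
    """'host:port' -> (host, port). For ICMP the port column reads type.code;
    return it packed as type*256+code, the way the raw record stores it."""
    host, _, port = ep.rpartition(":")
    if proto.startswith("ICMP") and "." in port:
        t, c = port.split(".")
        return host, int(t) * 256 + int(c)
    return host, int(port)

def parse_extended(text, tz=timezone.utc):
    flows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 15 or f[5] != "->":
            continue                 # header, summary or unexpected line
        first = to_epoch_ms(f[0] + " " + f[1], tz)
        proto = f[3]
        src, sp = split_endpoint(f[4], proto)
        dst, dp = split_endpoint(f[6], proto)
        icmp = proto.startswith("ICMP")
        flows.append({
            "first_ms": first,
            "last_ms": first + round(float(f[2]) * 1000),
            "proto": proto, "src": src, "sp": sp, "dst": dst, "dp": dp,
            "icmp_type": dp >> 8 if icmp else None,
            "icmp_code": dp & 0xFF if icmp else None,
            "packets": int(f[8]), "bytes": int(f[9]), "flows": int(f[14]),
        })
    return flows

def frag_needed(flows):
    """ICMP type 3 code 4: destination unreachable, fragmentation needed, DF set."""
    return [x for x in flows
            if x["proto"] == "ICMP" and x["icmp_type"] == 3 and x["icmp_code"] == 4]

# The same selection done by nfdump itself, which is cheaper than post-filtering:
NFDUMP_FILTER = "proto icmp and icmp-type 3 and icmp-code 4"
```

Using the filter on the collector side (nfdump -r <file> 'proto icmp and icmp-type 3 and icmp-code 4') is preferable to parsing; the parser is for the plugin case where start and end times are needed as integers anyway. Note that nfdump's duration is a float of seconds, so last_ms is a derived value with millisecond rounding.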
R.J.Hofstede | 21 Apr 2013 16:42

nfdump extension problem

Dear all,

I'm trying to implement an extension for nfdump that stores and processes data from
(enterprise-specific) NetFlow fields. In total, I've defined 6 fields and all but one (i.e. no. 2) are
working fine. The fields have the following properties:

1: uint8
2: uint32 <== problem
3-6: uint32

Since the extension has to be 64-bit-aligned, I've defined the corresponding masks:

1: 0xFF00000000000000LL
2: 0x00FFFFFFFF000000LL
3: 0xFFFFFFFF00000000LL
4: 0x00000000FFFFFFFFLL
5: 0xFFFFFFFF00000000LL
6: 0x00000000FFFFFFFFLL

Again, fields 1, 3, 4, 5 and 6 are working perfectly fine. The only difference between field no. 2 and the
others is that it is shifted by a value other than 32 bits. It needs to carry a UNIX timestamp, which is
correctly 'received' by nfcapd (I've verified that). However, after reading the file with nfdump, the
value is wrong. For example, the HEX value '516C5DE4' (1366056420) results in the decimal value '81' after
processing.

Does anyone of you have a clue what may be the (direction of the) problem? Any idea is appreciated!

Kind regards,

--
Rick Hofstede
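The arithmetic below is an added illustration, not a diagnosis of the poster's code; all it takes from the post is the mask table and the two numbers. 1366056420 is 0x516C5DE4 and 81 is 0x51, which is 0x516C5DE4 >> 24: the reported value is the 32-bit field shifted down by 24 bits once more than it was shifted up, which is what a writer and a reader that disagree by exactly that odd 24-bit shift produce. The example reproduces the number by storing the field unshifted and reading it with the post's shift; any other 24-bit disagreement between the two sides gives the same result. It also includes the layout check a practitioner would run first on a hand-built bit layout: that each mask is really `((1 << width) - 1) << shift`, that nothing spills past bit 63, and that no two fields in the same word overlap. The six masks in the post pass that check, so the masks themselves are consistent.

```python
# Layout from the post: six enterprise-specific fields packed into three
# 64-bit words.  Tuples are (name, word index, shift, width in bits).
LAYOUT = [
    ("f1", 0, 56, 8),     # uint8
    ("f2", 0, 24, 32),    # uint32, carries the UNIX timestamp
    ("f3", 1, 32, 32),
    ("f4", 1, 0, 32),
    ("f5", 2, 32, 32),
    ("f6", 2, 0, 32),
]

def mask(shift, width):
    """Bit mask of a field at `shift` with `width` bits, as a 64-bit constant."""
    return ((1 << width) - 1) << shift

def layout_errors(layout):
    """Sanity check on a layout: each field must stay inside bit 63 and no
    two fields in the same word may overlap.  Returns a list of problems."""
    used, problems = {}, []
    for name, word, shift, width in layout:
        m = mask(shift, width)
        if m >> 64:
            problems.append(f"{name} spills past bit 63")
        if used.get(word, 0) & m:
            problems.append(f"{name} overlaps another field in word {word}")
        used[word] = used.get(word, 0) | m
    return problems

def pack(layout, values):
    """Writer side: OR each value into its word at its shift."""
    words = [0] * (1 + max(w for _, w, _, _ in layout))
    for name, word, shift, width in layout:
        v = values[name]
        if v >> width:
            raise ValueError(f"{name}={v:#x} does not fit in {width} bits")
        words[word] |= v << shift
    return words

def unpack(words, word, shift, width):
    """Reader side: shift down, then mask to the field width."""
    return (words[word] >> shift) & ((1 << width) - 1)

def demo():
    values = {"f1": 0xAB, "f2": 0x516C5DE4, "f3": 3, "f4": 4, "f5": 5, "f6": 6}
    good = pack(LAYOUT, values)
    # A writer that stores f2 at bit 0 of its word while the reader still
    # shifts by 24: the two sides disagree by exactly the odd shift.
    unshifted = [(n, w, 0, b) if n == "f2" else (n, w, s, b) for n, w, s, b in LAYOUT]
    bad = pack(unshifted, values)
    return {
        "masks": {n: mask(s, b) for n, _, s, b in LAYOUT},
        "f2_ok": unpack(good, 0, 24, 32),                       # 1366056420
        "f2_unshifted_write_shifted_read": unpack(bad, 0, 24, 32),  # 81
    }
```

The unshifted-write case is one way to get 81; reading the correctly packed word with shift 48 instead of 24 is another, and both are the same 24-bit disagreement. Whichever side is wrong, the value that survives is the top byte of the timestamp, which is why the symptom looks like a small, stable number rather than garbage.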