flowmon-ads: Rename Timestamp to 'Detection time'

* This is part of a backport from nsharp connector to unify the codebase. * The actual code changes were done by Martin Černý <cernym@cesnet.cz> during the development of nsharp connector.

flowmon-ads: Rename Timestamp to 'Detection time'
36dd92e0 · Radko Krkoš · 8d86e0ff · 36dd92e0
Commit 36dd92e0 authored 3 years ago by Radko Krkoš
--- a/flowmon-ads/warden3_flowmon_ads_filer.py
+++ b/flowmon-ads/warden3_flowmon_ads_filer.py
@@ -108,7 +108,7 @@ def proto_list(pl):
 ads_fields = (
    ('ID', str),                # Unique id within ADS db
-    ('Timestamp', iso_time),    # Timestamp of event generation
+    ('Detection time', iso_time),   # Timestamp of event generation
    ('FirstFlow', iso_time),    # Timestamp of the first Flow on which was based the event detection
    ('Type', str),              # Type of event, in fact a reference to the detection method, which recognized the event
    ('TypeDesc', str),          # Event type description
@@ -266,8 +266,8 @@ def idea_ip_key(ip):
 def gen_idea_from_ads(new_id, ads, orig_data, anonymised_target, add_test):
-    lts = time.localtime()
+    lts = time.gmtime()
-    ts = ads.get("Timestamp") or lts
+    ts = ads.get("Detection time") or lts
    ets = ads.get("FirstFlow")
    if ets and ets > ts:    # ADS sometimes reports FirstFlow greater than DetectTime
        ts = ets