The time format in IDS events is the number of nanoseconds since the start of the Unix epoch (01-Jan-1970).
Suppose t is a 64-bit integer containing the time value. The traditional Unix time functions take an integer of type "time_t" that is the number of seconds since the start of the Unix epoch. You can get this value as follows:
time_t tm = (time_t) ( t / 1000000000 );
To get milliseconds, do this:
int ms = (int) ( t / 1000000 % 1000 );
So for the example you provided, 1065704702260811000, tm is 1065704702 and ms is 260.
As a side note for those who are curious: notice that the last 3 digits are almost always 0. You will see that although the field is in nanoseconds the sensor can not distinguish down to that small of time differences.
The number you see is the nanoseconds since January 1st 1970 (don't ask me why). It is a pretty common unix format to represent time as the seconds since January 1st 1970, and we just stretched it out to nanoseconds.
Most time conversion utilities like perl's functions understand this and are built to accept the seconds since 1970, but aren't built to accept all the way down to nanoseconds. This why most scripts are simply stripping off the extra numbers.
To find out more about this time format you can search the web for "unix time".
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :