I have these two log messages
Jul 2 10:21:50 10.197.1.254 id=firewall sn=0017C5C027C1 time="2013-07-02 17:21:50 UTC" fw=67.115.118.49 pri=6 c=262144 m=98 msg="Connection Opened" n=565679 src=192.168.168.65:1330:MGMT dst=192.168.168.169:443:MGMT proto=tcp/https sent=64
ul 2 10:21:58 10.197.1.254 id=firewall sn=0017C5C027C1 time="2013-07-02 17:21:57 UTC" fw=67.115.118.49 pri=6 c=1024 m=537 msg="Connection Closed" n=606900 src=192.168.168.65:1330:MGMT dst=192.168.168.169:443:MGMT proto=tcp/https sent=670 rcvd=473 spkt=8 rpkt=6 cdur=7366
As you can see the first one is for "Connection Opened" and the second "Connection Closed". Both the src and dst are the same so I believe this is a single stream. How do I calculate the total duration of this connection?