Flag header and event data timestamp mismatches #1698
Description
Under General Options in csv-timeline and json-timeline I would like to add an option -y, --timestamp-check Alert when event record header timestamp and record body timestamp differ
It will add two new fields TimestampMatch and HeaderTimestamp
When the timestamps match, TimestampMatch will be Y and when they do not match, it will be N.
When TimestampMatch is N, we will then populate HeaderTimestamp with the different timestamp recorded in the header.
Might also want to add a third column that shows the gap between the two timestamps.