argus 1.8 suggestions list
Carter Bullard
cbullard at nortelnetworks.com
Tue Jun 1 08:54:29 EDT 1999
Gentle People,
I'm finishing up on the 1.8 changes, and there
have been a number of suggestions for changes in
some of the programs and utilities. I would like
to get a feel for what the wish list would look
like. If you would like to alpha/beta test 1.8
please send me mail.
Here is the list as I have it today. Most are
related to ra(). I know that this is not complete
so if there is anything missing, please send mail.
Any suggestion is welcome.
Argus()
1. read compress and gzip'd files automatically.
Ra() (all argus clients)
1. extend filter expression.
I've already added new tokens for:
1. TCP states (syn synack data fin finack)
2. ICMP types (echo unreach redirect)
I'm looking into supporting 'greater' and 'less'
for port numbers.
2. reverse '-n' flag logic.
use the -n to turn on name resolution,
default is no resolution.
2. modify and internationalize default time output.
modify time field default output format from:
Day mm/dd hh:mm:ss
to:
yy-dd-mm hh:mm:ss
3. modify 'tags' field to aid in awk parsing.
currently, tags such as retransmissions,
multipath indications, IP options, etc are
reported in a way that generates multiple
field numbers. recommendation is to use a
'_' as space fillers. Current ra()
output would look something like this.
Tue 02/09 10:29:36 d___ tcp 132.245..... or
Raservices()
1. Change reported stats to be more useful.
Suggestion, avg bytes avg packets rather
than avg bytes/packet.
More clients.
I have heard this a lot but no specifics. I have added
a simple one.
racount() - print byte and packet totals.
Please send your suggestions soon, as we would like to
get the 1.8 stuff finished up.
Thanks
Carter
Carter Bullard
Principal Consultant
Nortel Networks
320 Park Avenue 16th Floor
New York, New York 10022
Email cbullard at nortelnetworks.com
Phone +1 212 317 4230
Fax +1 212 317 4324
Pager +1 800 217-7496
More information about the argus
mailing list