argus option review
Carter Bullard
carter at qosient.com
Sun Jan 28 09:56:15 EST 2001
Hey Torbjorn,
We have the -T option for the ra* programs but nothing
for argus() itself. I can do something based on the number of
packets read, but not the number of records written, as there
are multiple output channels and support for multiple filters,
so deciding which stage the count applied to would be difficult.
So in response I can see supporting a -T <secs> and a
-c <packetcount> option for argus.
But, you don't need to stop argus() to shift its log files.
Scripts like ./support/Archive/argusarchive work my just
renaming the output file. argus() will recognize that the
file has been moved and adjust, by closing the old file
and recreating the output file.
So lets consider the -T and -c options for argus.
Anyone on the list have any objections?
Carter
Carter Bullard
QoSient, LLC
300 E. 56th Street, Suite 18K
New York, New York 10022
carter at qosient.com
Phone +1 212 813-9426
Fax +1 212 813-9426
> -----Original Message-----
> From: owner-argus at lists.andrew.cmu.edu
> [mailto:owner-argus at lists.andrew.cmu.edu]On Behalf Of
> Torbjorn.Wictorin at its.uu.se
> Sent: Sunday, January 28, 2001 5:46 AM
> To: Argus (E-mail)
> Subject: Re: argus option review
>
>
> hello,
>
> I think it would be nice with some option that would cause
> argus to exit
> after a given time or number of records. This would make it possible
> to run it in a while - loop and avoid consuming more and more memory
> over time. Also, this would give a opportunity to shift log files.
>
> Torbjörn Wictorin, Uppsala university, Sweden
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3699 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20010128/000b6cf6/attachment.bin>
More information about the argus
mailing list