argus to tcpdump conversion
Scott A. McIntyre
scott at xs4all.nl
Fri Jun 15 02:29:14 EDT 2001
Hi,
> is very helpful. If the byte and packet totals are the
> same, then things are working, just not as you suspect.
>
> racount -r file*
> ragator -r file* -w - | racount
> ragator -f conf -r file* -w - | racount
I think that something may be going wrong...
racount -r argus.2001.06.11.*
racount records total_pkts src_pkts dst_pkts total_bytes src_bytes dst_bytes
sum 24595389 756164959 257431648 498733311 648287400775 176310819167 471976581608
ragator -r argus.2001.06.11.* -w - | racount
racount records total_pkts src_pkts dst_pkts total_bytes src_bytes dst_bytes
sum 61368 3140201 890517 2249684 2627930912 729987862 1897943050
ragator -f flow.conf -r argus.2001.06.11.* -w - | racount
racount records total_pkts src_pkts dst_pkts total_bytes src_bytes dst_bytes
sum 226382 234740941 70528022 164212919 208338503046 51664450414 156674052632
More information about the argus
mailing list