How Do I Filter The Data so just the totals for each ip are shown?
Carter Bullard
carter at qosient.com
Mon May 13 12:42:04 EDT 2002
Hey Andy,
You don't need to filter argus traffic to do this,
you just need to use either ragator() or ramon(). From
the new distribution ftp://qosient.com/dev/argus-2.0/argus-2.0.5.tar.gz
try:
ramon -M topn -r argusfile
ramon -M srv -r argusfile
This should give you some of what you want. Once you try these and
find out what's missing, send mail and we can see how to improve
ramon() to do what you want.
Carter
Carter Bullard
QoSient, LLC
300 E. 56th Street, Suite 18K
New York, New York 10022
carter at qosient.com
Phone +1 212 588-9133
Fax +1 212 588-9134
http://qosient.com
> -----Original Message-----
> From: owner-argus-info at lists.andrew.cmu.edu
> [mailto:owner-argus-info at lists.andrew.cmu.edu] On Behalf Of Andy
> Sent: Monday, May 13, 2002 12:30 PM
> To: argus-info at lists.andrew.cmu.edu
> Subject: How Do I Filter The Data so just the totals for each
> ip are shown?
>
>
> I hope this question is appropriate here.
>
>
> I am new to argus and thus need some help with filtering. What I
> want to do is filter out the data from argus so that I can get each
> IP's total traffic at any given time. Here is an example of what I
> want.
>
> IpAddress Protocol IN Traffic (bytes) OUT Traffic(bytes)
> 10.0.0.4 ICMP 4000 2300
> 207.192.2.4 TCP 1.2Gb 1Gb
> xx.xx.xx.xx UDP 2Gb 4Gb
> etc...
>
>
> So for each IP at time Y I would like a summary of the total amount
> of traffic in and out for each protocol supported by argus.
>
> Is there a simple way of doing this? Currently I am using trafd for
> this and parsing the data file, buth this is really inneficient and
> thus I would like to be able to do this with argus instead.
>
> Thank in advance,
> Andy
> --
>
>
More information about the argus
mailing list