[ARGUS] Question about Traffic Accounting and Argus
Rene Heinze
rhe at hup.de
Wed Apr 28 08:27:22 EDT 2004
Hi,
sorry for the late answer to your mail. Thanks for the hint that I can
use the "-c" flag. Works great.
Now I see the total amount of traffic from each host in the network. But
I would like to see that traffic split up in the services used. I need
to know if the traffic was p2p or http or ftp. Thats pretty important.
Any ideas ?
Thanks the support!
René Heinze
Russell Fulton schrieb:
> On Fri, 2004-04-23 at 22:26, Rene Heinze wrote:
>
>
>>after that I played a bit with statistic funktions
>>ramon -M TopN -N 25 -r /tmp/arguslos
>>
>>23 Apr 04 11:24:57 ip 194.77.59.20 CON
>>23 Apr 04 11:24:57 ip google.de CON
>>23 Apr 04 11:25:03 ip 194.77.59.25 TIM
>>23 Apr 04 11:29:05 ip dict.leo.org CON
>>23 Apr 04 11:29:52 ip 194.77.59.72 TIM
>>
>>ramon -M Matrix -N 25 -r /tmp/arguslos
>>
>>23 Apr 04 11:30:12 ip 194.77.59.72 <->
>>dict.leo.org CON
>>23 Apr 04 11:24:57 ip p508401f0.dip0. <->
>>194.77.59.36 CON
>>
>>Here I´m stucked. I do not know with what i should continue..
>
>
> Ummm.... I'm not at all sure what the problem is. If it is that you
> want the traffic counts then add the -c flag to the ra* commands.
>
>
More information about the argus
mailing list