[ARGUS] argus-2.0.6 released!!!

[Carter Bullard]

Hey Peter,
   Well, because you can specify any field with the '-s [-+]field' option,
these did go away.  So let me take a stab at the rarc.5 and bring it up to
date.  Basically all the RA_PRINT_* variables go away, replaced with
the RA_PRINT_FIELDS label, where you specify the -s option string.

   The filter additions need to go into the ra.1 man page.
Ok, so keep these inconsistencies/problems coming.  I'll try
to make a stab at them in the next 3-4 days.

Carter



-----Original Message-----
From: owner-argus-info at lists.andrew.cmu.edu
[mailto:owner-argus-info at lists.andrew.cmu.edu] On Behalf Of Peter Van Epp
Sent: Wednesday, May 05, 2004 7:29 PM
To: argus-info at lists.andrew.cmu.edu
Subject: Re: [ARGUS] argus-2.0.6 released!!!

<snip>
>
> Next step is to work on the clients.  Please take a look at the
> argus-clients-2.0.6.tar.gz so we can beef it up a bit, including
> man pages (I know, ....., even the documentation) and the like.
>
> Hope all is well, and that argus continues to be helpful!!!!
>
> Carter
>
>

	Yep, them man pages need work :-). ra in particular seems to have
changed fairly substatially in what rarc flags it accepts (it certainly
doesn't
match the man page :-)). Selecting the printing of end times seems to have
fallen out of favour is the main change I see. I did have an ra.conf
that looked like this on the argus-2.0.6.rc2 ra:

RA_FIELD_DELIMITER='\t'
RA_PRINT_HOSTNAMES=no
RA_PRINT_STARTIME=yes
RA_PRINT_LASTIME=yes
RA_PRINT_UNIX_TIME=yes
RA_USEC_PRECISION=6

	and it no longer likes RA_PRINT_LASTIME (and looking at the code
there
doesn't seem to be a replacement). As well the interesting new filter terms

(like "data" and "syn") aren't in the ra man page.

Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada