[ARGUS] Syslog Support
Peter Van Epp
vanepp at sfu.ca
Thu Nov 18 17:42:26 EST 2004
As far as I know that means that argus will complain in syslog about
things it is internally unhappy about such as queues getting large (or argus_bpf
croaking for some reason):
Nov 5 21:45:29 hcids2 argus_bpf[13392]: ArgusWriteOutSocket(0x8186000) Queue Count 50001
Nov 5 21:46:08 hcids2 argus_bpf[13390]: ArgusWriteOutSocket(0x8183000) Queue Count 51448
Nov 5 21:46:38 hcids2 argus_bpf[13390]: ArgusWriteOutSocket(0x8183000) Queue Count 55244
Nov 6 21:46:01 hcids2 argus_bpf[13390]: ArgusWriteOutSocket(0x8183000) Queue Count 50360
Nov 12 21:45:57 hcids2 argus_bpf[13390]: ArgusWriteOutSocket(0x8183000) Queue Count 50184
Nov 13 21:46:19 hcids2 argus_bpf[13390]: ArgusWriteOutSocket(0x8183000) Queue Count 50105
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
On Thu, Nov 18, 2004 at 04:16:25PM -0600, Joshua Berry wrote:
> The Changes section of Argus says that 2.0 added Syslog support but I
> can't find any documentation/help files on it. How can I utilize the
> Syslog support?
>
>
> Josh Berry | CISSP GCIA
> Information Security
> 214-765-1296
>
> --------------------------------------------------------------------
> If you spend more on coffee than on IT security, you will be hacked.
> What's more, you deserve to be hacked.
> -- (Former) White House Cybersecurity adviser Richard Clarke
>
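Added example (not part of the original message and not Argus project code): one way to watch for the queue-count complaints quoted above is to parse them out of syslog, summarize them per process and socket, and flag cases where the count is still rising between consecutive messages. The function names and the same-day comparison rule are assumptions of this sketch; the sample input is the six lines from the message, unwrapped.

```python
import re
from collections import defaultdict

# Sample input: the six syslog lines quoted in the message, with mail wrapping undone.
SAMPLE = """\
Nov 5 21:45:29 hcids2 argus_bpf[13392]: ArgusWriteOutSocket(0x8186000) Queue Count 50001
Nov 5 21:46:08 hcids2 argus_bpf[13390]: ArgusWriteOutSocket(0x8183000) Queue Count 51448
Nov 5 21:46:38 hcids2 argus_bpf[13390]: ArgusWriteOutSocket(0x8183000) Queue Count 55244
Nov 6 21:46:01 hcids2 argus_bpf[13390]: ArgusWriteOutSocket(0x8183000) Queue Count 50360
Nov 12 21:45:57 hcids2 argus_bpf[13390]: ArgusWriteOutSocket(0x8183000) Queue Count 50184
Nov 13 21:46:19 hcids2 argus_bpf[13390]: ArgusWriteOutSocket(0x8183000) Queue Count 50105
"""

LINE_RE = re.compile(
    r"^(?P<date>[A-Z][a-z]{2}\s+\d{1,2}) (?P<time>\d\d:\d\d:\d\d) (?P<host>\S+) "
    r"(?P<proc>[^\s\[]+)\[(?P<pid>\d+)\]: "
    r"ArgusWriteOutSocket\((?P<sock>0x[0-9a-fA-F]+)\) Queue Count (?P<count>\d+)$"
)

def parse_line(line):
    """Return the fields of one queue-count message, or None for any other line."""
    if not (m := LINE_RE.match(line.strip())):
        return None
    rec = m.groupdict()
    rec.update(pid=int(rec["pid"]), count=int(rec["count"]), date=" ".join(rec["date"].split()))
    return rec

def summarize(text):
    """Per (host, pid, socket): number of messages, peak count, days seen."""
    stats = defaultdict(lambda: {"events": 0, "peak": 0, "days": set()})
    for rec in filter(None, map(parse_line, text.splitlines())):
        s = stats[(rec["host"], rec["pid"], rec["sock"])]
        s["events"] += 1
        s["peak"] = max(s["peak"], rec["count"])
        s["days"].add(rec["date"])
    return dict(stats)

def growing(text):
    """Consecutive same-day messages for one socket where the count rose."""
    last, rising = {}, []
    for rec in filter(None, map(parse_line, text.splitlines())):
        key = (rec["host"], rec["pid"], rec["sock"])
        prev = last.get(key)
        if prev and prev["date"] == rec["date"] and rec["count"] > prev["count"]:
            rising.append((key, prev["time"], rec["time"], rec["count"] - prev["count"]))
        last[key] = rec
    return rising

if __name__ == "__main__":
    print(summarize(SAMPLE), growing(SAMPLE), sep="\n")
```

Syslog timestamps carry no year, so the same-day comparison only makes sense within a single log file or rotation period.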