argus-eye GUI
Philipp Letschert
phil at uni-koblenz.de
Mon Nov 6 08:22:35 EST 2006
Thanks for your replies,
first of all I don't feel like re-inventing the wheel, because no GUI exists,
that
- is designated solely to the argus-suite
- is open source and released under a free license
- has all the features I would like to use
I've tried NVisionIP, looks impressive but supports only 2.0.5, there is no
source available and the project looks dormant as the SIFT tools.
The Gtk GUI will support argus 3.0, because it is just a frontend to the ra*
tools. But to test this, it would be nice to have a 3.0 release, which I haven't
found on the web...
Carter, can you set up a CVS account for me?
At moment the only source is file-input, but I plan to have ra and/or ratop live
clients as supported source as well, but this will take a while...
Currently I'm doing the column configuration dialog, because the stock
GtkTreeView is performing bad in building a table with ten-thousands of rows and
40 columns :(
I guess performance will cause some headaches, when it comes to real world data,
I will post an initial release at the end of the week, so you can test your
*big* files.
Finally some question:
What protocols can show up in the 'proto' field of ra? I had a quick look at the
2.0.6 source but didn't find the answer (3.0?). Currently I am aware of:
tcp
rtp
rtcp
udp
icmp
man
Do you have some (small!) samples of other transactions than the above, so I can
test the fields?
e.g. vlan mpls - no cisco device at hand, pls donate ;)
More information about the argus
mailing list