3.0 multiple output files, separate filters
Jonathan Towne
jontow at hijacked.us
Fri Oct 13 15:13:48 EDT 2006
All,
Doing a bit of testing, I wanted to collect session data on a link, and
have a separate output file just for one IP address.
I found the option to do this with one instance of argus running,
but can't seem to get it to work.
Found in the example config:
# The format is:
# ARGUS_OUTPUT_FILE=/full/path/file/name
# ARGUS_OUTPUT_FILE=/full/path/file/name "filter"
Now, if I do:
ARGUS_OUTPUT_FILE=/usr/local/argus/log/full.out
ARGUS_OUTPUT_FILE=/usr/local/argus/log/onecustomer.out "host 1.2.3.4"
Both files catch all session data, the filter does not appear to be
applied.
Just curious if this is a bug, or unfinished feature, or if I'm just
not setting it up quite right, or other?
I'm running a build of 3.0.0.rc.31 from Wednesday afternoon, on an i386
machine with FreeBSD 6.1-STABLE from mid-July.
Thanks;
-- Jonathan Towne
More information about the argus
mailing list