TopN question
Robin Gruyters
r.gruyters at yirdis.nl
Thu Sep 28 11:17:56 EDT 2006
Hi ya,
I'm trying to build a TopN list based on src address and amount of
(src) bytes:
[...]
racluster -M rmon -m proto saddr sport daddr bytes -w - -R 2006/09/28 - ip | \
rasort -m saddr sbytes -s stime ltime proto saddr sport daddr spkts
dpkts sbytes dbytes
[...]
Is this the right way, or am I completely on the wrong track...
Also if people have more examples to build nice lists, please share
them with us..
Regards,
Robin Gruyters
Network and Security Engineer
Yirdis B.V.
I: http://yirdis.com
P: +31 (0)36 5300394
F: +31 (0)36 5489119
More information about the argus
mailing list