Argus Reporting Tool?
jdurick
jdurick at mitre.org
Thu Jun 7 12:44:31 EDT 2007
kkadow:
I wrote that with good intentions (to stay with the development) some
time ago but unfortunately, never kept it up. You might want to check
out ArgusEye at http://www.datenspionage.de/arguseye/. It actually did
a lot of what I wanted to do when I was an IDS analyst when we were
primarily using Argus throughout our networks. I initially wanted to
hook into the raw argus output via Perl, bypassing the need to generate
text output and then parse the output once the argus dumped each hour's
worth of data. The way I am doing it is terribly inefficient and was
meant as a solution to help others get a high level view of what is
going on in their network. It was written using Argus 2.0.6 and you can
find Perl scripts within the argus source (contrib/) that might help you
out if you want to hack something of your own.
I have not tested ArgusEye out personally but from the website, it
looks like it has plenty of features that might help.
-jd
K K wrote:
> Is there a replacement for JD Durick's ART
> (http://freshmeat.net/projects/art/)?
> Looks like the Perl scripts haven't been touched since 2005 and the
> project homepage and tarball have ceased to exist?
>
> With Argus' capability to directly output XML, is there a better way
> to go about generating user-friendly web page summaries of "top
> talkers" and other interesting near-real-time statistics?
>
>
> Thanks,
>
> Kevin