argus-3.0.0 ArgusWriteOutSocket
Michael Hornung
hornung at cac.washington.edu
Tue Jun 19 13:12:41 EDT 2007
I'm running the most recent argus code on x86 Linux (Fedora Core 6). I
have debug logging set to level 1 and saw this:
argus[17957]: 19 Jun 07 10:01:57.110399 ArgusWriteOutSocket(0x8fbd8bc) max
queue exceeded 100001
argus[17957]: 19 Jun 07 10:01:57.111840 ArgusWriteOutSocket(0x8fbd8bc) max
queue exceeded 100001
argus[17957]: 19 Jun 07 10:04:01.513001 connect from XX.XX.XX.XX
It looks like something happened and the remote radium listener got
disconnected and then re-connected a few minutes later. Is this something
to be concerned about? Can it be fixed by system tuning? I have never
seen this message before. I would say any loss of captured data is worth
concern. I don't have a pcap from when this occurred.
-Mike
More information about the argus
mailing list