ragraph / pipe problem just not fixed?

[Carter Bullard]

Since ragraph actually calls rabins() you probably don't need the  
first call.
Does this generate a decent graph?

    ragraph sbytes dbytes -M rmon time 1m -m smac -t 2007/10/04 -r  
file -w ragraph.png --
         ether host 00:15:F2:64:92:13

And just for completeness, you don' t need the "-r -" as that is the
default input.

Use rabins() to generate an output file and use ra to see if the data
is reasonable.  And try to graph the srate and drate, rather than the
sbytes and dbytes, to see if there is any discrepancy.  One could be
reporting bits per sec, and the other could be reporting bytes per sec?

Carter


On Oct 4, 2007, at 3:58 PM, Wolfgang Barth wrote:

> On Thu, Oct 04, 2007 at 02:45:48PM -0400, Carter Bullard wrote:
>
>> Since you find bugs faster than most ;o)  I just found a really  
>> bad one
>> with reading data from standard input, that was introduced late last
>> night.
>> I've uploaded a new refresh of rc.58, so if your reading from  
>> pipes and
>> nothing is happening, get this version and all should be better.
>
> I think there ist always a bug in the version from 15:34h, may be with
> stdin.
>
> I'm using the following code for graphing interface load:
>
> /usr/local/bin/rabins -M rmon 1m -m smac -t 2007/10/04 \
>    -r /var/log/argus/argus.log -w - - srcid eligate2 | \
>    /usr/local/bin/ragraph sbytes dbytes -M 1m -title 'eligate2:  
> Load' \
>    -height 200 -upper 1000000 -rigid -lower 1000000 -rigid -t  
> 2007/10/04 \
>    -w /var/www/argus/eligate2/load/current.png -r - - ether dst  
> 00:15:F2:64:92:13
>
> A simple graph ploting sbytes dbytes in relation to src addresses  
> shows 3
> to 4 times more bandwith at the same time. May be my call matches  
> not the
> new interface?
>
> Wolfgang
> -- 
> <wob (at) swobspace de> * http://www.swobspace.de
>