RADIUM_OUTPUT_FILE and "filter"
Carter Bullard
carter at qosient.com
Mon Sep 24 11:58:40 EDT 2007
Hey Wolfgang,
Hmmmm, this should work, but I'll check into it. Another way to do it is
to use rasplit() attaching to the radium. Using bash,
rasplit -S radium -M time 1d -w /path/argus-\$srcid.log
The time is probably not needed, but this is how I always run it.
When splitting, rasplit() can use packet contents to formulate the
pathname for the output file, so. In this case I left out any time
specific identifiers, so it will always, regardless of the time use the
same file. If you want it every day,
rasplit -S radium -M 1d -w /path/argus-\$srcid.%Y.%m.%d.log
You may not need to espace the '$' char as "\$", but I do on my
machine.
Carter
Wolfgang Barth wrote:
> Hi Carter,
>
> I want to write radium collected argus data to different output files, one
> for each srcid.
>
> I tried:
>
> RADIUM_OUTPUT_FILE=/path/argus-sid1.log "srcid sid1"
> RADIUM_OUTPUT_FILE=/path/argus-sid2.log "srcid sid2"
> RADIUM_OUTPUT_FILE=/path/argus-sid3.log "srcid sid3"
>
> but I get always the full (unfiltered) output. It doesn't matter if I use
> hostname or IP address.
>
> What's wrong?
>
> Wolfgang
>
More information about the argus
mailing list