Getting total traffic counts for a specific host
David
lists at edeca.net
Thu Aug 28 07:23:12 EDT 2008
Firstly thanks for all the previous help. I have now imported all my
data again and split it up by day, which is much more manageable.
I am trying to solve the following problem but can't think where to
begin. I want to pick out one host from my argus files and work out
the total traffic to/from it over a few months. Calculating this in 6
hour blocks would be a good starting point.
If I can get an approximation as if I had sampled the interface
statistics every 6 hours over a few months (for src pkts, src bytes,
dst pkts & dst btyes), that would be excellent.
I'm not sure how to aggregate over a 6 hour period (though I think
rabins should help) nor how to ensure that src and dst always refer to
the same 'direction' to or from the machine.
Does this make sense?
Regards,
David
More information about the argus
mailing list