rabins trouble clients.67
Michael Hornung
hornung at washington.edu
Thu Jan 10 14:33:46 EST 2008
On x86 I'm trying to split a set of argus records on 1 minute boundaries so I
can count the aggregate number of flows per given minute. I assume the way to
do this is with rabins and then running each rabins output file through
racount.
When I run rabins on my data I don't get the expected series of output files.
I've got 108 argus files each containing a 5 minute chunk of argus data. I
expect that:
rabins -r * -M time 1m -w /tmp/min/x
will read each of those argus files and split the data into a whole lot of
files, each representing 1 minute of activity. When the above command finishes
I look in /tmp/min/ and all I see is:
-rw-rw-r-- 1 argus argus 31071784 Jan 10 10:08 x
I also tried using the time-format output file notation to no avail:
rabins -r * -M time 1m -w "/tmp/min/argus.%H.%M.%S"
Which gave me the single output file:
argus.%H.%M.%S
What am I doing wrong, and is there an easier way to get what I want?
-Mike
More information about the argus
mailing list