racount
CS Lee
geek00l at gmail.com
Mon Jan 28 12:11:19 EST 2008
Hi Matthew,
There's no -a option, simply use -
racount -r whatever.argus3
This will produce result you need.
Date: Sun, 27 Jan 2008 10:52:59 -0800
From: "Mathew Brown" <mathewbrown at fastmail.fm>
Subject: [ARGUS] racount and other commands won't run under
argus-clients-3.0.0.rc.68
To: argus-info at lists.andrew.cmu.edu
Message-ID: <1201459980.14910.1233537409 at webmail.messagingengine.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi,
I'm new to Argus and just recently compiled and installed argus and
argus-clients on a Debian machine. I'm able to run argus
successfully:
argus -r capture.cap -w capture.cap.argus
works fine. However, when I try to run any of the r-commands such as
rahosts or racount, it gives me the following error such as:
racount -ar capture.cap.argus
racount[27189]: 20:51:15.185652 /etc/ra.conf: syntax error line 199
racount records total_pkts src_pkts dst_pkts
total_bytes src_bytes dst_bytes
sum 0 0 0 0 0
0 0
Looking into /etc/ra.conf on line 199, I see the following:
RA_PRINT_HOSTNAMES=no
Any ideas? Thanks for your help.
PS. I'm currently using argus-3.0.0 and
argus-clients-3.0.0.rc.68.tar.gz
--
Mathew Brown
mathewbrown at fastmail.fm
--
Best Regards,
CS Lee<geek00L[at]gmail.com>
http://geek00l.blogspot.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20080129/9fd9e85f/attachment.html>
More information about the argus
mailing list