[WISHLIST] How many records to output
Nick Diel
nick at engineerity.com
Thu Sep 11 12:06:32 EDT 2008
A work around I use:
ra -r file.argus -w - - "filter" | ra -r - -N 100
Unfortunately the first ra process will go through the entire file, so if
processing time is a concern...
Nick
On Thu, Sep 11, 2008 at 7:47 AM, Tomoyuki Sakurai <cherry at trombik.org>wrote:
> Hi,
>
> Currently, argus clients have no option to specify how many record to
> output (-N option is how many record to process). This is especially
> useful when you need to know if there is a flow using specific dst port.
> With this option and if you are lucky, you don't have to scan entire file.
> Also, it would be useful to be able to specify next N of records, like
> "2nd 100 flows that matches the filter expression". This is useful for
> pager operation (the one you'll find in a web application like [<<] [1]
> [2] [>>]).
>
> Best regards,
> --
> Tomoyuki Sakurai
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20080911/37b201d0/attachment.html>
More information about the argus
mailing list