Getting lots of stats from ra clients

Nick Diel nick at engineerity.com
Tue Apr 21 12:09:30 EDT 2009


In a research project I am working on, I will be collecting a number of
stats from 70gb+ of argus files.  My traditional method would be to run
racount a number of different times with different filters.  With this data
set it becomes quite tedious to run through the same set of flows each time
to get different stats.

I am interested in something similar to the bins a number of the ra tools
use.  The stats I am collecting currently do not fall under the predefined
bins.  For example some of the stats I will be collecting are as followed:
"number of flows with a reset on port 80", "number of flows with a reset
sent by the source on port 80".  In addition to not falling under the
current predefined bins, they are not exclusive stats either (some flows may
fall under multiple categories/bins).

So based on what I outlined, does anyone know if I can leverage any of the
existing ra tools to help me speed up the process of collecting the stats I
am after?

Thanks,
Nick