argus client commands, unexpected results?

Matt Sheridan mattmail5050 at gmail.com
Tue Nov 17 11:07:03 EST 2009 

Fixed.

lack of ncurses-devel package was the issue.

Thanks for your patience.

Matt

On Tue, Nov 17, 2009 at 11:01 AM, Matt Sheridan <mattmail5050 at gmail.com>wrote:

> Looks like it is needing the devel package... cant find the header file.
> Ill round that up and see if it fixes the issue...
>
> find / -name ncurses.h (returns nothing)
>
>
> On Tue, Nov 17, 2009 at 10:59 AM, Matt Sheridan <mattmail5050 at gmail.com>wrote:
>
>> Interesting -
>>
>> configure claims it does not find it, but yum indicates that it is
>> installed:
>>
>> ./configure |grep curses
>> checking ncurses.h usability... no
>> checking ncurses.h presence... no
>> checking for ncurses.h... no
>>
>> yum install ncurses
>> Loaded plugins: downloadonly, rhnplugin, security
>> Setting up Install Process
>> Package ncurses-5.5-24.20060715.x86_64 already installed and latest
>> version
>> Package ncurses-5.5-24.20060715.i386 already installed and latest version
>> Nothing to do
>>
>>
>>
>> On Tue, Nov 17, 2009 at 10:46 AM, <carter at qosient.com> wrote:
>>
>>> Usually, it means that you haven't got curses installed. When you
>>> configured the clients, what did it say about curses?
>>>
>>>
>>> Carter
>>>
>>> Sent from my Verizon Wireless BlackBerry
>>> ------------------------------
>>> *From: * Matt Sheridan <mattmail5050 at gmail.com>
>>> *Date: *Tue, 17 Nov 2009 10:29:45 -0500
>>> *To: *<carter at qosient.com>
>>> *Cc: *<argus-info at lists.andrew.cmu.edu>
>>> *Subject: *Re: [ARGUS] argus client commands, unexpected results?
>>>
>>> Excellent, that worked. Thank you. I saw that syntax of "-" in the man
>>> pages, and tried a few variations, but apparently not the right one.
>>>
>>> Is there any similarly simple reason that ratop does not return any
>>> results? Could that be related to the type of session I am using (SSH over
>>> SecureCRT)?
>>>
>>> Both from local file and local server hang on carriage return:
>>>
>>> [root at xxxxx 127.0.0.1]# ratop -S localhost:561
>>> [root at xxxxx 127.0.0.1]# ratop -r ./argus.2009_11_17_1020.out
>>>
>>> I appreciate your time.
>>>
>>> Matt
>>>
>>>
>>> On Tue, Nov 17, 2009 at 10:22 AM, <carter at qosient.com> wrote:
>>>
>>>> Hey Matt,
>>>> You have to out a '-' before the filter.
>>>> In your last command, your are trying to read "host" and "10......." as
>>>> inputfiles. If you were to use the "-D" option, it would tell you.
>>>>
>>>>
>>>> ra -r ./argus.2009_11_16_1640.out host 10.192.1.23
>>>>
>>>> Becomes
>>>>
>>>> ra -r ./argus.2009_11_16_1640.out - host 10.192.1.23
>>>>
>>>>
>>>> Carter
>>>>
>>>> Sent from my Verizon Wireless BlackBerry
>>>> ------------------------------
>>>> *From: * Matt Sheridan <mattmail5050 at gmail.com>
>>>> *Date: *Mon, 16 Nov 2009 16:52:31 -0500
>>>> *To: *<argus-info at lists.andrew.cmu.edu>
>>>> *Subject: *[ARGUS] argus client commands, unexpected results?
>>>>
>>>> Two commands seem to be returning unexpected results. The tar I
>>>> downloaded just a week ago was named argus-clients-3.0.0.tar. Installed on
>>>> RHEL5 Intel 64bit.
>>>>
>>>> Running ratop just hangs (ratop -S localhost:561). No new prompt, just
>>>> hangs on carriage return. I originally thought this was just a terminal
>>>> isssue. I am VT100 on a SecureCRT ssh session. But when I began to have
>>>> other issues, I wondered if it was symptomatic of something else.
>>>>
>>>> running ra against a argus server with parsing laguage returns results
>>>> as expected, running it against a argus file does not - it simply returns
>>>> all results. So:
>>>>
>>>> Using the local argus server on a listening port:
>>>>
>>>> [root at xxxxxx 127.0.0.1]# ra -S localhost:561 host 10.192.1.23
>>>>    16:46:44.047054  M         tcp        10.192.1.23.33170     ->
>>>> x.x.x.x.https         4        240   FIN
>>>>    16:46:44.096464  M         tcp        10.192.1.23.42979     ->
>>>> x.x.x.x.https         4        240   FIN
>>>>    16:46:44.336521  M         tcp        10.192.1.23.15801     ->
>>>> x.x.x.x.https         4        240   FIN
>>>>    16:46:44.524054  M        icmp    x.x.x.x          <->
>>>> 10.192.1.23               2        196   ECO
>>>>    16:46:44.777712  M         tcp        10.192.1.23.20676     ->
>>>> x.x.x.x.https        54      30136   CON
>>>>
>>>> using a local file, written by rastream:
>>>>
>>>> ra -r ./argus.2009_11_16_1640.out host 10.192.1.23
>>>>
>>>> just dumps out the entire .out file.
>>>>
>>>>
>>>> Thanks for your help!
>>>> Matt
>>>>
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20091117/beda78e2/attachment.html>

More information about the argus mailing list