Can no more set the srcid

Carter Bullard carter at qosient.com
Thu Jul 22 01:44:17 EDT 2010


Hey Claudio,
I've uploaded a new argus-3.0.3 distribution that fixes the "-e srcid" error when
reading from files.  The new distribution is:

   http://qosient.com/argus/dev/argus-3.0.3.16.tar.gz

Thanks for the bug report.  I hope that all is now most excellent,

Carter

On Jul 18, 2010, at 8:41 AM, Claudio Luck wrote:

> Hello
> 
> Setting the srcid (the "-e" option) no more works for me in argus
> 3.0.3.15 (and 3.0.3.12).
> 
> This command line used to produce the expected output until 3.0.2:
> 
> # /usr/local/sbin/argus -d -P0 -M90 -mpRAJ -i eth1 -e 172.17.15.2 -S 60 -w /var/log/sensor-172.17.15.2.argus.log
> 
> 
> When looking at the logfile while switching versions from 3.0.2 to
> 3.0.3.15 illustrates the problem:
> 
> # racluster -nr /var/log/sensor-172.17.15.2.argus.log -m srcid -s +srcid
>   13:39:01.911873  *U   F     ip            0.0.0.0          <->            0.0.0.0         2217178 1712939753   CON        172.17.15.2
>   13:43:52.272594  *U   F     ip            0.0.0.0          <->            0.0.0.0          404756  314137927   CON            0.0.0.0
> 
> This normally has only one line, the first. When going back to 3.0.2 all
> is back to normal.
> 
> Running on Debian GNU/Linux 5.0.4 (lenny), Intel x86 32bit Platform.
> 
> 
> -- 
> Gruss
> Claudio Luck
> 
> 
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3681 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20100722/48fe11d3/attachment.bin>


More information about the argus mailing list