unidirectional flows in argus
Carter Bullard
carter at qosient.com
Wed Jul 20 20:00:59 EDT 2011
Hey Will,
We currently don't have methods to convert to unidirectional flows, although it wouldn't take much to do that. How would you want to specify it on the command line ?
You can print unidirectional flow representations using the rmon option, and printing only the src identifiers. So something like:
ra -M rmon -r file -s sstime sdur sadder sport dir daddr dport spkts sbytes
this will print what would be the unidirectional flow stats.
Carter
Carter Bullard, QoSient, LLC
150 E. 57th Street Suite 12D
New York, New York 10022
+1 212 588-9133 Phone
+1 212 588-9134 Fax
On Jul 19, 2011, at 10:57 AM, Will Urbanski <urbanski at vt.edu> wrote:
> Hello,
>
> I am trying to convert some argus captures from bidirectional to
> unidirectional flows to compare with some other captures that were done
> with flow-tools. I've tried (unsuccessfully) to convert the
> bidirectional flows using -M rmon in racount, ra, etc and can't see a
> difference between when -M rmon is and is not specified. Is -M rmon the
> appropriate way to be specifying that I want a unidirectional flow from
> Argus?
>
> Thanks,
>
> Will
>
More information about the argus
mailing list