-e option - Argus Version 3.0.4
Mark Bartlett
mabartle at gmail.com
Mon Apr 2 14:59:18 EDT 2012
Hello all,
I am having issues with the '-e' option in ARGUS.
I run the following command:
argus -e 200 -w /tmp/testfile
and I get this in the ra output:
0.0.0.100,2012-04-02,14:52:15,2012-04-02,14:52:15,0.000000,192.168.198.137,192.168.198.1,6,22,53215,212,106,106,2,1,1,<?>,1,11,
e
As you can see the Argus Identifier is coming out as an IP address:
0.0.0.100 not 100 which I would like. I think something changed from
the older versions.
In my python script I run the following command and pass some
variables to the command:
arguscommand = "/usr/local/sbin/argus -e "+capID+" -F
"+SCRIPTS+"/argus.conf -r "+cleancapturefile+" -w "+argusoutfile+" -
ip"
Prior to updating to the 3.0.4 version the command above would save
the identifier to the record.
Anyone else seeing a change in the format?? Or am I doing something wrong?
mab
More information about the argus
mailing list