Connecting to a remote radium instance: gzip no bueno?
Carter Bullard
carter at qosient.com
Thu Jul 19 13:36:39 EDT 2012
Hey Jesse,
No, didn't put in the decompress logic, but I can put that in.
I also didn't put in wildcarding, but that too should be easy to put in.
We need to decompress the file on the radium side, because it needs to
process the contents as argus records, so it can perform a remote filter
against the file (also to prevent radium from being exploited to move
arbitrary files). Let me see how easy it would be to put in.
Carter
On Jul 17, 2012, at 10:55 PM, Jesse Bowling wrote:
> Hi,
>
> I'm trying to connect to a remote radium instance and access files stored in the local filesystem. I eventually tried:
>
> # ra -S 10.0.0.5:561/nsm/argus/data/10.0.00.5/2012/07/16/argus.2012.07.16.11.20.00.gz -
> StartTime Flgs Proto SrcAddr Sport Dir DstAddr Dport TotPkts TotBytes State
> 18:50:56.12641* man 0. 0 0. 0 0 0 STA
> 20:43:37.204043 N*
>
> No errors, but obviously not right...So, I tried uncompressing the file, and all works as expected.
>
> Is reading compressed files remotely unsupported by radium, or do I have a misconfiguration somewhere?
>
> Running argus-3.0.6.1 and argus-clients-3.0.6.2....
>
> Cheers,
>
> Jesse
>
> --
> Jesse Bowling
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20120719/ed879903/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4367 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20120719/ed879903/attachment.bin>
More information about the argus
mailing list