argus-3.0.8 development starting

Carter Bullard carter at qosient.com
Tue Jun 12 11:19:15 EDT 2012


Gentle people,
Looks like many of the bugs are wringing out of argus-3.0.6, and so we can
start the development cycle for argus-3.0.8, which right now, includes:

  Argus - reading Netflow V9
          reading Sflow (final implementation)
          Improved multi-threaded design
          Extended Argus IDs

Clients - More DB support
          Archive searching (addrs, ports, strings)
          Report generation
          GUIs (color curses, flow visualizations)

I have begun a number of these efforts already, and will need volunteers
for testing.  Time-based searching support is complete, and IP address
support is almost done.  These use MySQL as an index store, with the
primitive data stored in a native OS file system.

I'll need volunteers and data to support the Netflow V9 and Sflow implementations.
Please send email to the list, or to me, if you would like to contribute to the
Netflow and Sflow efforts.

We ran into the biggest problem with Netflow V9 and IPFIX data when trying
to get the support out for argus-3.0.6.   Some of the test data was unreadable,
because the data source failed to transmit all the templates.   So I had 50GB
of data, with no way to decode it.  We'll need a number of data sources to get
around these problems, some as simple as it gets, some with some of the more
interesting options added.  If you can volunteer, or provide data, that would be
very much appreciated.

So, we'll need to set some guidelines in order to get a decent implementation.
If you have any comments / opinions / suggestions, please don't hesitate to
send to either me or the list.

Hope all is most excellent, and thanks for all the help !!!!!!

Carter
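
The missing-template problem described in the message can be checked for before test data is relied on. The following is an added example, not part of the original message and not Argus code: it walks NetFlow V9 export packets, records the templates each source announces, and counts data flowset bytes that arrive with no matching template. It assumes the RFC 3954 packet layout; the function names and the sample packets are constructed for illustration.

```python
import struct
from collections import Counter

HEADER = struct.Struct("!HHIIII")  # version, count, sysUptime, unix_secs, sequence, source_id
SET_HDR = struct.Struct("!HH")     # flowset id, length (length includes these 4 bytes)

def learn_templates(body, source_id, templates):
    """Store each template of a template flowset (id 0) as (source_id, id) -> record length."""
    pos = 0
    while pos + 4 <= len(body):
        tid, nfields = struct.unpack_from("!HH", body, pos)
        if tid < 256:                      # padding, not a template record
            break
        end = pos + 4 + 4 * nfields
        if end > len(body):
            raise ValueError("template record runs past its flowset")
        lengths = [struct.unpack_from("!HH", body, p)[1] for p in range(pos + 4, end, 4)]
        templates[(source_id, tid)] = sum(lengths)
        pos = end

def audit_v9(packets):
    """Return (templates, undecodable); undecodable maps (source_id, flowset id) to the
    data bytes that arrived before any matching template was seen."""
    templates, undecodable = {}, Counter()
    for pkt in packets:
        version, _count, _uptime, _secs, _seq, source_id = HEADER.unpack_from(pkt, 0)
        if version != 9:
            raise ValueError("not a NetFlow v9 packet")
        off = HEADER.size
        while off + SET_HDR.size <= len(pkt):
            set_id, set_len = SET_HDR.unpack_from(pkt, off)
            if set_len < SET_HDR.size or off + set_len > len(pkt):
                raise ValueError("malformed flowset length")
            body = pkt[off + SET_HDR.size: off + set_len]
            if set_id == 0:
                learn_templates(body, source_id, templates)
            elif set_id == 1:              # options template: remember the first id only
                templates[(source_id, struct.unpack_from("!H", body, 0)[0])] = None
            elif set_id > 255 and (source_id, set_id) not in templates:
                undecodable[(source_id, set_id)] += len(body)
            off += set_len
    return templates, dict(undecodable)

def _pkt(source_id, *sets):                # constructed sample data, not a real capture
    payload = b"".join(SET_HDR.pack(sid, 4 + len(b)) + b for sid, b in sets)
    return HEADER.pack(9, len(sets), 0, 0, 0, source_id) + payload  # count is not checked

TEMPLATE_256 = struct.pack("!HHHHHH", 256, 2, 8, 4, 12, 4)   # IPV4_SRC_ADDR, IPV4_DST_ADDR
SAMPLE = [_pkt(7, (256, bytes(8))),                           # data before its template
          _pkt(7, (0, TEMPLATE_256), (256, bytes(8)), (300, bytes(16)))]
```

Data seen before its template is counted as undecodable at the time it arrives; a collector that buffers such flowsets could still decode them once the template shows up, while flowset 300 in the sample never gets one.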



