dintdistact and similar data
David Edelman
dedelman at iname.com
Thu Jul 4 11:44:41 EDT 2013
Carter,
I'm pretty sure that I enabled all the right things in argus.conf but I
don't get anything when I specify -s +dintdistact as an option to ra.
ra is 3.0.7.10 and argus is 3.0.7.1. I do get the MAC addresses and user
data so I'm sure that the configuration file is being read and there is only
one argus.conf file on the system.
What should I be looking for?
--Dave
ARGUS_FLOW_TYPE="Bidirectional"
ARGUS_FLOW_KEY="CLASSIC_5_TUPLE"
ARGUS_DAEMON=yes
ARGUS_MONITOR_ID=`hostname` // IPv4 address returned
ARGUS_ACCESS_PORT=561
ARGUS_INTERFACE=eth2
ARGUS_GO_PROMISCUOUS=yes
ARGUS_OUTPUT_FILE=/var/log/argus/argus.out
ARGUS_SET_PID=yes
ARGUS_PID_PATH="/var/run"
ARGUS_FLOW_STATUS_INTERVAL=5
ARGUS_MAR_STATUS_INTERVAL=60
ARGUS_GENERATE_RESPONSE_TIME_DATA=yes
ARGUS_GENERATE_PACKET_SIZE=yes
ARGUS_GENERATE_JITTER_DATA=yes
ARGUS_GENERATE_MAC_DATA=yes
ARGUS_GENERATE_APPBYTE_METRIC=yes
ARGUS_GENERATE_TCP_PERF_METRIC=yes
ARGUS_GENERATE_BIDIRECTIONAL_TIMESTAMPS=yes
ARGUS_CAPTURE_DATA_LEN=1024
ARGUS_TUNNEL_DISCOVERY="yes"
ARGUS_KEYSTROKE="yes"