Argus conversion v2 to v3?
unFrigidaire Américain
frigidaire.americain at gmail.com
Tue Jun 25 03:41:29 EDT 2013
Hello,
I must be missing something, but although I have read the FAQ, wiki and manuals, I
can't find the recommended way to convert logs from Argus v2.0.6 (Debian
stable package) to v3.x.
$ ./2.0.6/bin/ra -nr argus.log | wc -l
376209
$ ./3.0.6/bin/ra -nr argus.log
$ echo $?
1
$ ./2.0.6/bin/ra -unns startime flgs proto saddr sport dir daddr dport \
state pkts bytes status -r argus.log > argus.ascii
$ ./3.0.6/bin/raconvert -r argus.ascii
StartTime Flgs Proto SrcAddr Sport Dir
DstAddr Dport TotPkts TotBytes State
00:27:12.000000
02:19:19.000048
02:19:19.000048
02:19:19.000048
02:19:19.000048
02:19:19.000048
02:19:19.000048
02:19:19.000048
02:19:19.000048
Thanks!