Can Argus output data in Netflow format?

Craig Merchant cmerchant at responsys.com
Mon Jan 27 17:30:30 EST 2014


Actually, Jamie Nebrera, their CTO, posted here a couple weeks ago.  So, they're definitely considering it.  I've been encouraging them too.

Their upcoming 3.0 release has a REST API...  So, I may use Netflow for just simple flow metrics that Splunk can query from their API (saving me license costs) and run Argus for my security analysis.  I'm not willing to give up the keystroke detection inside of encrypted tunnels...

C

From: Carter Bullard [mailto:carter at qosient.com]
Sent: Monday, January 27, 2014 1:11 PM
To: Craig Merchant
Cc: Argus
Subject: Re: [ARGUS] Can Argus output data in Netflow format?

Hey Craig,
No plans to do that.  Argus is all about new methods,
new metrics, and innovation in flow technology.
Not sure it's to anyone's advantage for argus to step backwards.

Why not get the redBorder IDS solution to support argus sensors?
Much better business proposition for the argus project.

Carter

On Jan 27, 2014, at 4:00 PM, Craig Merchant <cmerchant at responsys.com> wrote:


Hey, Carter...  I hope 2014 is treating you well.

Is there any way to make Argus output records in a Netflow format?  The next release of the redBorder IDS solution that we use is going to have support for nprobe sensors, but only using the Netflow protocol.  I was just curious if there was a way to make Argus output its records in a way that could be consumed by nprobe...

Thanks!

Craig