Question about ra or radump
Carter Bullard via Argus-info
argus-info at lists.andrew.cmu.edu
Tue Aug 30 00:16:39 EDT 2016
ARGUS_CAPTURE_DATA_LEN=128
> On Aug 30, 2016, at 12:10 AM, Andrey Silversburg <andrey.silversburg at gmail.com> wrote:
>
> This is the command:
> /opt/argus-client/bin/radump -s stime pkts suser:64 duser:64 -r /var/log/argus/argus.out - port http
>
> StartTime TotPkts srcUdata dstUdata
>
>
> Maybe there is some parameter from argus.conf I missed.
>
>
> On 8/30/2016 10:45 AM, Carter Bullard wrote:
>> Hey Andrey,
>> How are you trying to print the fields ??? And what does the output look like ???
>> Carter
>>
>>> On Aug 29, 2016, at 10:47 PM, Andrey Silversburg via Argus-info <argus-info at lists.andrew.cmu.edu> wrote:
>>>
>>> Hi all, my name is Andrey
>>>
>>> I am trying to extract some srcUdata and dstUdata from the argus file using radump. I followed this documentation: http://qosient.com/argus/man/man1/radump.1.pdf. But it seems the data is empty, even though the file is very big, around 600MB. Is there any way or configuration in radump or in argus.conf that I missed?
>>>
>>> Thank you
>>>
>
>
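Added example (not part of the thread and not Argus project code): a shell preflight check that reads the effective ARGUS_CAPTURE_DATA_LEN from an argus.conf and compares it with the byte count requested as suser:N / duser:N. The function names and the sample config are constructed for illustration, and it assumes an unset variable means no user data is captured.

```sh
#!/bin/sh
# Added example: why suser/duser print empty, checked from the sensor config.

# Print the effective ARGUS_CAPTURE_DATA_LEN set in config file $1.
# Commented-out lines are skipped and the last assignment wins; 0 is printed
# when the variable is never set (assumption: unset means nothing captured).
capture_data_len() {
    awk '
        /^[ \t]*#/ { next }
        /^[ \t]*ARGUS_CAPTURE_DATA_LEN[ \t]*=/ {
            v = $0
            sub(/^[^=]*=/, "", v)      # keep the right-hand side
            sub(/#.*$/, "", v)         # drop a trailing comment
            gsub(/[ \t"]/, "", v)      # drop blanks and quotes
            if (v ~ /^[0-9]+$/) len = v + 0
        }
        END { print len + 0 }
    ' "$1"
}

# check_udata CONF BYTES: compare the configured capture length with the
# byte count requested as suser:BYTES / duser:BYTES.
# Prints disabled | short:<len> | ok:<len>; returns 2, 1 or 0 respectively.
check_udata() {
    have=$(capture_data_len "$1")
    if [ "$have" -eq 0 ]; then
        echo "disabled"; return 2
    elif [ "$have" -lt "$2" ]; then
        echo "short:$have"; return 1
    fi
    echo "ok:$have"
}

# Constructed sample config (not a real argus.conf).
conf=$(mktemp)
cat > "$conf" <<'EOF'
#ARGUS_CAPTURE_DATA_LEN=0
ARGUS_OUTPUT_FILE=/var/log/argus/argus.out
EOF
check_udata "$conf" 64 || :                    # prints: disabled
echo 'ARGUS_CAPTURE_DATA_LEN=128' >> "$conf"   # the setting from the reply
check_udata "$conf" 64                         # prints: ok:128
rm -f "$conf"
```

The setting only affects records written after argus is restarted with it; a file captured without it holds no user data for radump to print.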