Inter packet arrival times, etc

Carter Bullard via Argus-info argus-info at lists.andrew.cmu.edu
Tue Mar 1 17:36:28 EST 2016


Hey John,
What version of argus are you using ???
You will get blanks for the SIntPkt and DIntPkt fields if there isn’t more than 1 packet in the flow record.
Try printing out at least the spkts and dpkts fields to see that you are getting multiple packets.

You are not turning on source packet size reporting, which needs the -Z option, so do you mean +dintpkt instead of +spktsz ?????

Carter

> On Mar 1, 2016, at 5:29 PM, John T. Myers via Argus-info <argus-info at lists.andrew.cmu.edu> wrote:
> 
> Hi,
> 
> I'm trying to enable SIntPkt and other similar metrics on live collection against an interface. 
> 
> Which Argus options enable this? I've tried -J but it does not work.
> 
> The two commands I'm using are:
> 
> sudo /usr/local/sbin/argus -i en0 -P 1776 -J
> 
> and then trying...
> 
> ra -A -S 127.0.0.1:1776 -s +sintpkt +spktsz
> 
> The additional fields I'm trying to capture are blank, though.
> 
> Thanks!
> John
