Statistics of active and idle packets

Daniel Hunter via Argus-info argus-info at lists.andrew.cmu.edu
Wed Mar 23 11:04:07 EDT 2016


Hello! I want to know more details about some of the argus/ra fields. In
particular, I am interested in sintpktact and sintpktidl (along with the
similar fields for the destination and jitters). What distinguishes a
packet as active or idle? I have found that the active source jitter
(sjitact) is rarely filled (http/https and ssh traffic).
I am also curious about the distribution fields such as sintdist and
dintdist. Is there a good example of how to use these fields?
I am using Argus v3.0.8.1. Thanks much!
-- Daniel