[ARGUS] Problem Running ra
Robert Osgood
rosgood at gmu.edu
Tue Mar 21 15:33:58 EDT 2023
Please see attached.
________________________________
Bob Osgood
Director - Digital Forensics
Interim Director - TCOM
George Mason University
Engineering Building Room 3800
rosgood at gmu.edu
703-993-5443
https://<http://cfrs.gmu.edu>dfor.gmu.edu
________________________________
-------------- next part --------------
From: rosgood at gmu.edu
To: argus-info at lists.andrew.cmu.edu
Subject: ArgusClientBug ra not processing argus records
>Description:
When running ra in Ubuntu 22.04.2 against an argus file generated from a pcap, I get an error message:
ra[50448]: 15:06:44.834896 ArgusGenerateRecordStruct: post ARGUS_DATA_DSR len is zero
I have run ra against multiple argus files, getting the same error message.
>How-To-Repeat:
ra -n -r printer.argus -c ',' > printer.csv
ra[50448]: 15:06:44.834896 ArgusGenerateRecordStruct: post ARGUS_DATA_DSR len is zero
bob at Bob-DFOR:~/pcaps$ wc -l printer.csv
1851 printer.csv
The csv file should have 3180 records. When I run ra in Ubuntu 20.X, it runs
without issue. This error occurs even after I upgraded argus-clients.
>Fix:
Do not know.
>Submitter-Id: Robert Osgood
>Originator: rosgood at gmu.edu
>Organization: George Mason University
>Argus support: [none | licence | email support | extended email support ]
>Release: argus-3.0.4
>Product: <[ ra | rabins | racluster | raconvert | racount | radark | radump | raevent | rafiteraddr | ragraph | rahisto | rahosts | ralabel | ranonyize | rapath | raplot | rapolicy | rasports | raservices | rasort | rasplit | rasql | rasqlinsert | rasqltimeindex | rastream | rastrip | ratimerange | ratop | ratree | rauserdata ] (one line)>
>Synopsis: <synopsis of the problem (one line)>
>Class: <[ install-bug | sw-bug | doc-bug | change-request | support ] (one line)>
>Severity: <[ non-critical | serious | critical ] (one line)>
>Priority: <[ low | medium | high ] (one line)>
>Environment: <machine, os, target, libraries (multiple lines)>
System: Linux Bob-DFOR 5.19.0-35-generic #36~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Feb 17 15:17:25 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
Arch: x86_64
Paths: /usr/local/bin/ra /usr/bin/make /usr/bin/gmake /usr/bin/gcc /usr/bin/cc
RA: Ra Version 3.0.8.4
GCC: Using built-in specs.
COLLECT_GCC=/usr/bin/gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/11/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none:amdgcn-amdhsa
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 11.3.0-1ubuntu1~22.04' --with-bugurl=file:///usr/share/doc/gcc-11/README.Bugs --enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++,m2 --prefix=/usr --with-gcc-major-version-only --program-suffix=-11 --program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --enable-bootstrap --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-plugin --enable-default-pie --with-system-zlib --enable-libphobos-checking=release --with-target-system-zlib=auto --enable-objc-gc=auto --enable-multiarch --disable-werror --enable-cet --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none=/build/gcc-11-xKiWfi/gcc-11-11.3.0/debian/tmp-nvptx/usr,amdgcn-amdhsa=/build/gcc-11-xKiWfi/gcc-11-11.3.0/debian/tmp-gcn/usr --without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu --with-build-config=bootstrap-lto-lean --enable-link-serialization=2
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 11.3.0 (Ubuntu 11.3.0-1ubuntu1~22.04)