AUDITING NETWORK ACTIVITY

Ratop Examples

The argus-clients package provides a set of core client programs that provide the basic functions needed to use argus flow data. This includes printing, processing, sorting, aggregating, tallying, collecting, distributing, archiving, and anonymizing data. Here we provide basic examples of how to use the utility ratop. For these examples, we use standard sets of argus data.

Ratop is an example argus data processing environment. Like all client programs, ratop shares the complete set of functionality of ra, so there is a great deal of flexibility and, hopefully, utility.

You can access argus data using ratop(), the tool of choice for browsing argus data, like so:
       ratop -S localhost:561
       ratop -r argus.2012.02.13.17.20.out

ratop can be described as "vi" for argus data. It provides a gui that uses 'vi' colon commands to navigate and to modify the screen. It provides searching and editing capabilities, but is a work in progress.

Ratop Video Examples

Ratop is the Swiss Army knife of ra* programs, providing a curses interface to argus data reading, processing, searching, aggregation, filtering and analytics. For these examples, we use standard sets of argus data.

filter

Simple example of a ratop() port range display filter

countries

Real time table of network usage based on country codes