Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

rasort(1) [debian man page]

RASORT(1)						      General Commands Manual							 RASORT(1)

NAME

       rasort - sort argus(8) data file.

COPYRIGHT

       Copyright (c) 2000-2003 QoSient. All rights reserved.

SYNOPSIS

       rasort [[-M sortmode] [sortmode] ...]  [raoptions]

DESCRIPTION

       Rasort  reads  argus  data  from an argus-data source, sorts the records based on the criteria specified on the command line, and outputs a
       valid argus-stream.

OPTIONS

       Rasort, like all ra based clients, supports a number of ra options including filtering of input argus records through a terminating  filter
       expression.  See ra(1) for a complete description of ra options.  rasort(1) specific options are:

       -M sortmode    Supported sortmodes are:
	      time	     record start time <default>
	      startime	     record start time <default>
	      lasttime	     record last time.
	      trans	     aggregation record count.
	      dur	     record total duration.
	      avgdur	     record average duration.
	      saddr	     source IP addr.
	      daddr	     destination IP addr.
	      proto	     transaction protocol.
	      sport	     source port number.
	      dport	     destination port number.
	      stos	     source TOS byte value.
	      dtos	     destination TOS byte value.
	      sttl	     src -> dst TTL value.
	      dttl	     dst -> src TTL value.
	      bytes	     total transaction bytes.
	      sbytes	     src -> dst transaction bytes.
	      dbytes	     dst -> src transaction bytes.
	      pkts	     total transaction packet count.
	      spkts	     src -> dst packet count.
	      dpkts	     dst -> src packet count.
	      load	     bits per second.
	      loss	     pkts retransmitted or dropped.
	      rate	     pkts per second.
	      tranref	     argus transaction reference number.
	      seq	     argus sequence number.
	      srcid	     argus source identifier.

INVOCATION

       A sample invocation of rasort(1).  This call reads argus(8) data from inputfile and sorts the IP protocol based argus(8) data, first by the
       destination IP address, then by the service (destination) port number and then by the source IP address, and writes the results to  stdout.
       For most services, this arranges argus(8) formatted data by server, service, and then by client.

       rasort -r inputfile -M daddr dport saddr - ip

SEE ALSO

       ra(1), rarc(5), argus(8), tcpdump(1)

FILES

AUTHORS

       Carter Bullard (carter@qosient.com).

BUGS

								 07 November 2000							 RASORT(1)

Check Out this Related Man Page

RAGRAPH(1)						      General Commands Manual							RAGRAPH(1)

NAME

       ragraph - graph argus(8) data.

COPYRIGHT

       Copyright (c) 2000-2003 QoSient. All rights reserved.

SYNOPSIS

       ragraph metric [object] [-M mode] [options] [raoptions]

DESCRIPTION

       Ragraph	reads argus(8) data from an argus-file, and graphs fields of interest from matching argus flow activity records.  Current, ragraph
       uses rrd-tool to generate GIF formatted graphs, and so many options to rrd-tool are supported by ragraph.

       Ragraph supports graphing most metrics that are available in argus data. The list includes  bytes,  sbytes,  dbytes,  pkts,  spkts,  dpkts,
       trans, dur, avgdur.

       Ragraph	also  supports graphing based on multiple objects, such as the destination address or destination port values.	The list currently
       include saddr, daddr, proto, sport, dport.

       By default ragraph writes its output to ragraph.gif, in the current directory.  Use the '-w' raoption to specify an alternate output  file-
       name.

OPTIONS

       -M <mode> -
	   Specify  the  mode  for printing. Current ragraph supports any arbitrary time range as a mode, specified either as a number followed by
	   the time scale seconds(s), minutes(m), hours(h), days(d), months(M), years(y), or as a type of time, such as hourly, daily, etc.  Exam-
	   les are:
	      -M 1s	 graph bins of size 1 second.
	      -M 15m	 graph bins of size 15 minutes.
	      -M hourly  graph bins of size 1 hour.
	      -M daily	 graph bins of size 1 day.

       -log
	   Use logarithmic scale for y-axis.

       -fill
	   Turn off area fill.

       -stack
	   Turn off data stacking.

       -split
	   Turn off axis splitting for src/dst(in/out) traffic.

       -height
	   Specify height in pixels for the graph (275 pixels)

       -width
	   Specify width in pixels for the graph (800 pixels)

       -upper
	   Specify upper bounds for graphing data (automatic).

       -lower
	   Specify lower bounds for graphing data (automatic).	When data is split, you need to specify the value as a negative number.

       -title
	   Specify a graph title.

RA OPTIONS

       Ragraph, like all ra based clients, supports a number of ra options including filtering of input argus records through a terminating filter
       expression, and specifying an output filename using the -w option.

       See ra(1) for a complete description of ra options.

EXAMPLES

       To graph the total load for the data in an argus-file argus.data at 10 second intervals:
	      ragraph bytes -M 10s -r argus.data -title "Total Load"

       To graph the rate (pkt/sec) on a destination port basis for the data from a specific probe in an argus-file argus.data at 1  minute  inter-
       vals:
	      ragraph pkts dport -M 1m -r argus.data - srcid 192.168.0.10

AUTHORS

       Carter Bullard (carter@qosient.com).

SEE ALSO

       ragraph(5), ra(1), rarc(5), argus(8) tcpdump(1),

								   21 July 2001 							RAGRAPH(1)
Man Page