man racount (Commandes) - count things from an argus(8) data file/stream.

NAME

racount - count things from an argus(8) data file/stream.

COPYRIGHT

Copyright (c) 2000-2003 QoSient. All rights reserved.

SYNOPSIS

racount -r argus-file [ra options]

DESCRIPTION

Racount reads argus data from an argus-file list, and prints out various counts from the data in the file.

OPTIONS

Racount, like all ra based clients, supports a number of ra options including filtering of input argus records through a terminating filter expression. See ra(1) for a complete description of ra options.

EXAMPLE INVOCATION

racount -r argus.file

racount    records       total_pkts         src_pkts         dst_pkts      total_bytes        src_bytes        dst_bytes
    sum        279             1112              661              451           165567            94561            71006

racount -ar argus.file

racount    records       total_pkts         src_pkts         dst_pkts      total_bytes        src_bytes        dst_bytes
    tcp         47              777              405              372           119782            66541            53241
    udp        135              180              137               43            35987            20466            15521
   icmp         18               47               40                7             3318             2814              504
     ip         50               50               50                0             3000             3000                0
    arp         29               58               29               29             3480             1740             1740
    sum        279             1112              661              451           165567            94561            71006
racount -r argus.file - tcp and retrans
racount    records       total_pkts         src_pkts         dst_pkts      total_bytes        src_bytes        dst_bytes
    tcp         15              276              141              135            22073             8758            13315

AUTHORS

Carter Bullard (carter@qosient.com).

SEE ALSO

ra(1), rarc(5), argus(8) tcpdump(1),