The argus-clients package provides a set of example client programs that provide extended processng and analytics for argus flow data. These includes providing a processing environment, new processing and analytics, graphing, storage managment, forensics, and reporting tools. For these examples, we use standard sets of argus data.
raconvert
Ascii to binary argus data record conversion, supporting data generation, editing as well as zeek to argus conversion.
radark
Scanner detection and reporting.
radump
Decode captured user data buffers using tcpdump style and formats.
raevent
Print argus event data.
rafilter
High performance argus record filtering.
ragraph
Time series argus data graphing using rrd-tool and Linux plot backends.
ragrep
Regular expression matching from the captured user data payload contents.
rahisto
Frequency distribution analysis for argus data metrics.
rahosts
IP address inventory reporting
ralabel
Semantic enhancement / metadata tagging through the argus label DSR.
ramysql
Mysql based database utilities for argus data insertion, updates and retreival.
rapath
Print network path topology information derived from argus data.
rapolicy
Continuous access control policy verification based on operation Cisco firewall policies.
raports
Application port usage
rarpwatch
Arpwatch application driven using argus data.
raservices
User data analysis to determine actual protocol in use.
rastream
Argus data stream block processing.
rastrip
Argus data conditioning, reduction, minimization and compression.
ratemplate
Ra client development template for creating new argus clients programs using the library.
ratimerange
Print the argus data file time span.
ratop
Realtime curses based argus data presentation environment, provides vi() like functionality for streaming and file based flow data, supporting printing, searching, editing, sorting, writing argus data.
Each of these example programs provide a proof-of-concept implementation of capabilities that provide utility from argus based flow data.
