Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
RASTRIP(1)		    General Commands Manual		    RASTRIP(1)

NAME
       rastrip - strip argus(8)	data file.

SYNOPSIS
       rastrip	[-M  [replace]	[+|-]dsr [-M ...]]  [raoptions]	[-- filter-ex-
       pression]

DESCRIPTION
       Rastrip reads argus data	from an	argus-data source, strips the  records
       based  on  the  criteria	 specified  on the command line, and outputs a
       valid argus-stream. This	is useful to reduce the	 size  of  argus  data
       files.  Rastrip always removes argus management transactions, thus hav-
       ing the same effect as a	'not man' filter expression.

OPTIONS
       Rastrip,	like all ra based clients, supports a number of	ra options in-
       cluding	filtering  of input argus records through a terminating	filter
       expression.  See	ra(1) for a complete description of ra options.	  ras-
       trip(1) specific	options	are:

       -M [+|-]dsr
	   Strip specified dsr (data set record).

	   Supported dsrs are:
	      flow   flow key data (proto, saddr, sport, dir, daddr, dport)
	      time   time stamp	fields (stime, ltime).
	      metric basic ([s|d]bytes,	[s|d]pkts, [s|d]rate, [s|d]load)
	      agr    aggregation stats (trans, avgdur, mindur, maxdur, stdev).
	      net    network objects (tcp, esp,	rtp, icmp data).
	      vlan   VLAN tag data
	      mpls   MPLS label	data
	      jitter Jitter data ([s|d]jit, [s|d]intpkt)
	      ipattr IP	attributes ([s|d]ipid, [s|d]tos, [s|d]dsb, [s|d]ttl)
	      suser  src user captured data bytes (suser)
	      duser  dst captured user data bytes (duser)
	      mac    MAC addresses (smac, dmac)
	      icmp   ICMP specific data	(icmpmap, inode)
	      encaps Flow encapsulation	type indications

       In the default mode, without the	-M option, rastrip removes the follow-
       ing default set of dsrs:	encaps,	agr, vlan, mpls,  mac,	icmp,  ipattr,
       jitter, suser, duser

       -M replace
	   Replace the existing	file with the newly striped file.

INVOCATION
       A  sample invocation of rastrip(1).  This call reads argus(8) data from
       inputfile and strips the	default	dsr set	but keeps  MAC	addresses  and
       writes the result to outputfile:

       rastrip -M +mac -r inputfile -w outputfile

       This  call  removes  only captured user data and	timings	and writes the
       result to stdout:

       rastrip -M -suser -M -duser -M -time -r inputfile

COPYRIGHT
       Copyright (c) 2000-2016 QoSient.	All rights reserved.

SEE ALSO
       ra(1), rarc(5), argus(8),

FILES
AUTHORS
       Carter Bullard (carter@qosient.com).

BUGS
rastrip	3.0.8		       07 November 2000			    RASTRIP(1)

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | INVOCATION | COPYRIGHT | SEE ALSO | FILES | AUTHORS | BUGS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=rastrip&sektion=1&manpath=FreeBSD+13.0-RELEASE+and+Ports>

home | help