Argus 2.0.6 review
The Argus Open Project is focused on developing network activity audit strategies that can do real work for the network architect, administrator and network user.
LATEST NEWS
Mon Jun 19 10:44:52 EDT 2006 *argus-3.0.0 testing has started!
Welcome to the Argus Open Project, home of Argus, the network Audit Record Generation and Utilization System. The Argus Open Project's main goal is to develop network activity audit strategies that can do real work for the network architect, administrator and network user.
Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitter on a per transaction basis. The record format that Argus uses is flexible and extensible, supporting generic flow identifiers and metrics, as well as application/protocol specific information.
Argus can be used to analyze and report on the contents of packet capture files, or it can run as a continuous monitor, examining data from a live interface and generating an audit log of all the network activity seen in the packet stream. Argus can be deployed to monitor individual end-systems, or an entire enterprise's network activity. As a continuous monitor, Argus provides both push and pull data handling models, to allow flexible strategies for collecting network audit data. Argus data clients support a range of operations, such as sorting, aggregation, archival and reporting. There is XML support for Argus data, which makes handling Argus data a bit easier; see ArgusRecord.xsd.
The network transaction audit data that Argus generates has been used for a wide range of tasks including Security Management, Network Billing and Accounting, Network Operations Management and Performance Analysis.
Argus currently runs on Linux, Solaris, FreeBSD, OpenBSD, NetBSD, and Mac OS X, and its client programs have also been ported to Cygwin. The software should be portable to many versions of Unix with little or no modification. Performance is such that auditing an entire enterprise's Internet activity can be accomplished using modest computing resources. The Argus Open Project is an ongoing and active project. If you are interested in participating, check out the mailing lists and sign up today!
What's New in This Release:
Multithreaded
Daemon Support
Configuration Files
Syslog Support
Secure Access
Audit Record Changes
Variable Length Records
Argus Source Identifier
Sequence Number
Transaction Reference Number
Security Layer (ESP) Support
Application Layer Byte Counts
Application Layer Data Capture
Multiprotocol Support
Enhanced Performance Reporting
Enhanced TCP Status Reporting
Enhanced Aggregation Support
Server Changes
Improved Accuracy
Improved Reliability
Improved Fragment Support
Multiprotocol Support
Authenticated Access
Confidential Access
Enhanced Physical Interface Support
Multiple Physical Interface Support
Multiple Output File Support
Independent Output Filters
Server Side Filtering
Improved Signal Handling
Daemon Support
Syslog Event Reporting
System Configuration
Environment Variable Support
Enhanced Performance Reporting
Response Time Determination Support
User Data Capture Support
Client Changes
Multiple Server Support
Configurable Output Formats
Cisco Netflow Record Support
Environment Variable Support
Configuration
XML Data Support
Excel Data Importation Support
User Data Printing
ragrep()
Support Scripts and Programs
System startup routines
Sample configurations
Sample Argus Archiving scripts
argusbug Bug reporting tool
Magic file support
Documentation
Better documentation?
HTML man pages.
FAQ
HOW-TO