Content-type: text/html Manpage of RAGREP

RAGREP

Section: User Commands (1)
Updated: 07 November 2000
Index Return to Main Contents
 

NAME

ragrep - grep argus(8) user captured data.  

COPYRIGHT

Copyright (c) 2000-2007 QoSient. All rights reserved.  

SYNOPSIS

ragrep -e <regexp> [-v] [-i] [raoptions] [- filter-expression]  

DESCRIPTION

Ragrep reads argus data from an argus-data source, greps the records based on the regexp specified on the command line, and outputs a valid argus-stream.

Ragrep works only on the fields for user captured data. Argus must be started with the configration option ARGUS_CAPTURE_DATA_LEN set to a value greater than 0, to have these data captured. See argus.conf(5) for detail.

Ragrep is based on GNU grep(1), so the regexp syntax is the same as for grep(1).  

OPTIONS

Ragrep, like all ra based clients, supports a number of ra options including filtering of input argus records through a terminating filter expression. See ra(1) for a complete description of ra options. ragrep(1) specific options are:

-e regexp
Use the grep(1)-compatible regular expression for filtering.

-i
ignore case.

-v
Reverse the expression matching logic.

 

INVOCATION

A sample invocation of ragrep(1). This call reads argus(8) data from inputfile and greps all http transactions that generated a "404 Not Found" error.

ragrep -r inputfile -e "HTTP.*404"

 

SEE ALSO

ra(1), rarc(5), argus(8),

 

FILES

 

AUTHORS

Carter Bullard (carter@qosient.com).
 

BUGS


 

Index

NAME
COPYRIGHT
SYNOPSIS
DESCRIPTION
OPTIONS
INVOCATION
SEE ALSO
FILES
AUTHORS
BUGS

This document was created by man2html, using the manual pages.
Time: 13:20:15 GMT, May 16, 2007