Content-type: text/html
Ragraph reads argus(8) data from an argus-file, and graphs fields of interest from matching argus flow activity records. You must specify the metric(s), the flow object/identifier(s) and the time granularity required for the graph. Standard raoptions are available to filter input and specify the time range of interest, and graphing options are provided to specify x and y axis labels, titles, upper and lower range limits, and plot sizes. Support for logorithmic scaling, object stacking, and split graphing are provided to provide some flexibility in the graphs you can produce.
Ragraph supports graphing most metrics that are available in argus data, including, bytes, packet counts, duration, average duration, loss, jitter, load, and rate. These metrics can be graphed in association with flow identifiers, such as source or destination address, network address, source identifier, protocol, port numbers, services, vlan id, mpls tag, ttl, and tos values. Currently, there are limits to the number of metrics and objects that can be graphed at one time, so assume that ragraph is a simple graphing tool.
By default ragraph writes its output to ragraph.png, in the current directory. Use the '-w' raoption to specify an alternate output filename.
Ragraph is implemented as a perl script front-end to the routine rabins and rrd-tool, which is used to generate PNG formatted graphs. As a result ragraph support all the raoption and many options to the rrd-tool graphing functions.
See ra(1) for a complete description of ra options.
To graph the total load for the data in an argus-file argus.data at 10 second intervals:
ragraph bytes -M 10s -r argus.data -title "Total Load"
To graph the rate (pkt/sec) on a destination port basis for the data from a specific probe in an argus-file argus.data at 1 minute intervals:
ragraph bytes dport -M 1m -r argus.data - srcid 192.168.0.10
Carter Bullard (carter@qosient.com).