Content-type: text/html
Manpage of RAGREP
RAGREP
Section: User Commands (1)
Updated: 07 November 2000
Index
Return to Main Contents
NAME
ragrep - grep argus(8) user captured data.
COPYRIGHT
Copyright (c) 2000-2007 QoSient. All rights reserved.
SYNOPSIS
ragrep
-e <regexp> [-v] [-i]
[raoptions] [- filter-expression]
DESCRIPTION
Ragrep
reads
argus
data from an argus-data source, greps the records based on
the regexp specified on the command line, and outputs a valid
argus-stream.
Ragrep works only on the fields for user captured data. Argus must be started with the configration option ARGUS_CAPTURE_DATA_LEN set to
a value greater than 0, to have these data captured. See argus.conf(5) for detail.
Ragrep is based on GNU grep(1), so the regexp syntax is
the same as for grep(1).
OPTIONS
Ragrep, like all ra based clients, supports a number of
ra options including filtering of input argus
records through a terminating filter expression.
See ra(1) for a complete description of ra options.
ragrep(1) specific options are:
- -e regexp
-
Use the grep(1)-compatible regular expression for filtering.
- -i
-
ignore case.
- -v
-
Reverse the expression matching logic.
INVOCATION
A sample invocation of ragrep(1). This call reads argus(8) data
from inputfile and greps all http transactions that generated a "404 Not Found" error.
- ragrep -r inputfile -e "HTTP.*404"
-
SEE ALSO
ra(1),
rarc(5),
argus(8),
FILES
AUTHORS
Carter Bullard (carter@qosient.com).
BUGS
Index
- NAME
-
- COPYRIGHT
-
- SYNOPSIS
-
- DESCRIPTION
-
- OPTIONS
-
- INVOCATION
-
- SEE ALSO
-
- FILES
-
- AUTHORS
-
- BUGS
-
This document was created by
man2html,
using the manual pages.
Time: 13:20:15 GMT, May 16, 2007