1RASTRIP(1)                  General Commands Manual                 RASTRIP(1)
2
3
4

NAME

6       rastrip - strip argus(8) data file.
7

SYNOPSIS

9       rastrip  [-M  [replace]  [+|-]dsr  [-M  ...]]   [raoptions] [-- filter-
10       expression]
11

DESCRIPTION

13       Rastrip reads argus data from an argus-data source, strips the  records
14       based  on  the  criteria  specified  on the command line, and outputs a
15       valid argus-stream. This is useful to reduce the  size  of  argus  data
16       files.  Rastrip always removes argus management transactions, thus hav‐
17       ing the same effect as a 'not man' filter expression.
18

OPTIONS

20       Rastrip, like all ra based clients, supports a  number  of  ra  options
21       including filtering of input argus records through a terminating filter
22       expression.  See ra(1) for a complete description of ra options.   ras‐
23       trip(1) specific options are:
24
25       -M [+|-]dsr
26           Strip specified dsr (data set record).
27
28           Supported dsrs are:
29              flow   flow key data (proto, saddr, sport, dir, daddr, dport)
30              time   time stamp fields (stime, ltime).
31              metric basic ([s|d]bytes, [s|d]pkts, [s|d]rate, [s|d]load)
32              agr    aggregation stats (trans, avgdur, mindur, maxdur, stdev).
33              net    network objects (tcp, esp, rtp, icmp data).
34              vlan   VLAN tag data
35              mpls   MPLS label data
36              jitter Jitter data ([s|d]jit, [s|d]intpkt)
37              ipattr IP attributes ([s|d]ipid, [s|d]tos, [s|d]dsb, [s|d]ttl)
38              suser  src user captured data bytes (suser)
39              duser  dst captured user data bytes (duser)
40              mac    MAC addresses (smac, dmac)
41              icmp   ICMP specific data (icmpmap, inode)
42              encaps Flow encapsulation type indications
43
44       In the default mode, without the -M option, rastrip removes the follow‐
45       ing default set of dsrs: encaps, agr, vlan, mpls,  mac,  icmp,  ipattr,
46       jitter, suser, duser
47
48
49       -M replace
50           Replace the existing file with the newly striped file.
51
52

INVOCATION

54       A  sample invocation of rastrip(1).  This call reads argus(8) data from
55       inputfile and strips the default dsr set but keeps  MAC  addresses  and
56       writes the result to outputfile:
57
58       rastrip -M +mac -r inputfile -w outputfile
59
60       This  call  removes  only captured user data and timings and writes the
61       result to stdout:
62
63       rastrip -M -suser -M -duser -M -time -r inputfile
64
65
67       Copyright (c) 2000-2016 QoSient. All rights reserved.
68
69

SEE ALSO

71       ra(1), rarc(5), argus(8),
72

FILES

AUTHORS

75       Carter Bullard (carter@qosient.com).
76

BUGS

78rastrip 3.0.8                  07 November 2000                     RASTRIP(1)
Impressum