GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
RASORT(1) FreeBSD General Commands Manual RASORT(1)

rasort - sort argus(8) data file.

rasort [[-M sortmode] [-m sort fields] ...] [raoptions] [-- filter-expression]

Rasort reads argus data from an argus-data source, sorts the records based on the criteria specified on the command line, and outputs a valid argus-stream.

Rasort, like all ra based clients, supports a number of ra options including filtering of input argus records through a terminating filter expression. See ra(1) for a complete description of ra options. rasort(1) specific options are:

-M replace
Replace the existing file(s) with the sorted output(s).

-m field [field ...]
Supported sort fields are:

stime
record start time <default>
ltime
record last time.
trans
aggregation record count.
dur
record total duration.
avgdur
record average duration.
mindur
record minimum duration.
maxdur
record maximum duration.
smac
source MAC addr.
dmac
destination MAC addr.
soui
oui portion of the source MAC addr.
doui
oui portion of the destination MAC addr.
saddr[/cidr]
source IP addr, with optional cidr specification for IPv4 addresses.
daddr[/cidr]
destination IP addr, with optional cidr specification for IPv4 addresses.
proto
transaction protocol.
sport
source port number.
dport
destination port number.
stos
source TOS byte value.
dtos
destination TOS byte value.
sttl
src -> dst TTL value.
dttl
dst -> src TTL value.
bytes
total transaction bytes.
sbytes
src -> dst transaction bytes.
dbytes
dst -> src transaction bytes.
pkts
total transaction packet count.
spkts
src -> dst packet count.
dpkts
dst -> src packet count.
load
bits per second.
sload
source bits per second.
dload
destination bits per second.
loss
pkts retransmitted or dropped.
sloss
source pkts retransmitted or dropped.
dloss
destination pkts retransmitted or dropped.
ploss
percent pkts retransmitted or dropped.
sploss
percent source pkts retransmitted or dropped.
dploss
percent destination pkts retransmitted or dropped.
rate
pkts per second.
srate
source pkts per second.
drate
destination pkts per second.
tranref
argus transaction reference number.
seq
argus sequence number.
smpls
source MPLS identifier.
dmpls
destination MPLS identifier.
svlan
source VLAN identifier.
dvlan
destination VLAN identifier.
srcid
argus source identifier.
stcpb
source TCP base sequence number.
dtcpb
destination TCP base sequence number.
tcprtt
TCP connection setup round-trip time.
smeansz
source mean packet size
dmeansz
destination mean packet size
sco
source country code
dco
destination country code
sas
source autonomous system number
das
destination autonomous system number

A sample invocation of rasort(1). This call reads argus(8) data from inputfile and sorts the IP protocol based argus(8) data, first by the destination IP address, then by the service (destination) port number and then by the source IP address, and writes the results to stdout. For most services, this arranges argus(8) formatted data by server, service, and then by client.
rasort -r inputfile -m daddr dport saddr - ip

Copyright (c) 2000-2016 QoSient. All rights reserved.

ra(1), rarc(5), argus(8), 

Carter Bullard (carter@qosient.com).

07 November 2000 rasort 3.0.8
Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.