Sophie

Sophie

distrib > Mandriva > 2010.1 > x86_64 > by-pkgid > e864e18410db23850e39900bd88a92a7 > files > 79

argus-clients-3.0.2-2mdv2010.1.x86_64.rpm

# 
#  Argus Software
#  Copyright (c) 2000-2008 QoSient, LLC
#  All rights reserved.
# 
#  This program is free software; you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation; either version 2, or (at your option)
#  any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
# Racluster Aggregation Policy Configuration
#
# Carter Bullard
# QoSient, LLC
#
#   This configuration is a racluster(1) flow model configuration file.
#
#   The concept is to bind a traditional ra* filter with an
#   aggregation model.  Records are tested against the filter
#   specifications in "fall down" order, when they match, the
#   aggregation model is used to merge records together.  The model
#   supports hold and idle timers in order to control the holding
#   merging strategies.  If reading from a file, the times are
#   determined from timestamps in the input stream.  The system
#   works best if the input stream is somewhat sorted in time.
#
#   Here is a valid and simple configuration file.   It doesn't do
#   anything in particular, but it is one that is used at some sites.
#

#RACLUSTER_MODEL_NAME=Test Configuration
#RACLUSTER_PRESERVE_FIELDS=yes
#RACLUSTER_REPORT_AGGREGATION=no
#RACLUSTER_AUTO_CORRECTION=yes

filter="icmp"          model="saddr daddr proto dport sport "      status=60  idle=30
filter="arp"           model="saddr daddr proto dport sport "      status=120 idle=60
filter="tcp or udp"    model="saddr daddr proto dport"             status=120 idle=3600  cont
label="Class-Video"    model="srcid saddr daddr proto dport sport" status=5   idle=10
filter="tcp or udp"    model="saddr daddr proto dport"             status=30  idle=120
filter=""              model="saddr daddr proto"                   status=300 idle=3600

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional