ralabel (1) - Linux Manuals
ralabel: inserts fixed form or free form metadata labels into argus(8).
NAME
ralabel - inserts fixed form or free form metadata labels into argus(8). ralabel supports a number of strategies for labeling including 1) address based, providing free form metadata, country code, geo data and fully qualified domain name (FQDN) labeling; 2)port based, providing free form labels using IANA port definitions, and 3) flow filter, providing free form labels based on argus filter specicfications.
SYNOPSIS
ralabel -f address.file [raoptions] [-- filter-expression]DESCRIPTION
Ralabel reads argus data from an argus-data source, and selects records that include IP addresses specified by the address.spec file. This program provides high performance address matching for any number of addresses.
RALABEL ADDRESS SPECIFICATION
Ralabel, reads a number of standard IANA IP address file formats that specific IPv4 addresses, CIDR addresses and IPV4 prefix address specification. Examples of these file types are provided in ./support/Config.ralabel(1) specific options are:
- -f label.strategy.specification.file
-
INVOCATION
This invocation reads argus(8) data from argusfile and labels records that match any options in the ralabel.conf file.ralabel -r argusfile -f ralabel.conf - ip
COPYRIGHT
Copyright (c) 2000-2016 QoSient. All rights reserved.AUTHORS
Carter Bullard (carter [at] qosient.com).