Argus is the first netflow technology, started in 1984 at Georgia Tech, and adapted for cyber security operations in 1990 at the Computer Emergency Response Team (CERT) at Carnegie Mellon University's Software Engineering Institute. While Argus has a long history, we still think of it as innovative, leading-edge technology. Comprehensive network transaction auditing is an extremely powerful network tool, supporting network operational awareness, performance analytics, cyber security and, most recently, AI/ML cyber autonomy.
This package contains the programs that read, collect, parse, graph, store, filter, compare, archive, process and manage argus network audit data and comprise the client part of the Audit Record Generation and Utilization System. The status records can be available for near real-time analytic processing, as you would want for operational fault analysis or intrusion detection, or can be stored and used to generate a network activity audit information system. The programs in this package support this type of processing.
To install the software and get started, see the ./INSTALL file. For answers to many questions, please see the argus web site at http://qosient.com/argus.
Argus 5.0 has been ported to MacOS, VxWorks, AIX, HPUX, Irix, Onix, SunOS, Solaris, Linux, FreeBSD, OpenBSD, NetBSD, BSD Unix, UniCos, Cygwin and OpenWRT, to name just a few, and the argus client software has been successfully used under most if not all the same platforms. If you port Argus to another system, please let us know on the mailing list.
We encourage you to use the './bin/argusbug' script when posting bug reports about Argus. Argusbug will gather some information about your system and start your editor with a form in which you can describe your problem. Delete information that you consider non-relevant to your problem. Bug reports not generated by Argusbug may be silently ignored by the Argus maintainers, so please consider using the tool.
Email that reports that 'Argus does not work. Why?' will be completely ignored.
Again, thank you for your interest in Argus. I hope that you find the software useful.
Authors: Carter Bullard
Version: 5.0 as of 2023/11/20