NAME¶

ralabel - inserts fixed form or free form metadata labels into argus(8). ralabel supports a number of strategies for labeling including 1) address based, providing free form metadata, country code, geo data and fully qualified domain name (FQDN) labeling; 2)port based, providing free form labels using IANA port definitions, and 3) flow filter, providing free form labels based on argus filter specicfications.

SYNOPSIS¶

ralabel -f address.file [raoptions] [-- filter-expression]

DESCRIPTION¶

Ralabel reads argus data from an argus-data source, and selects records that include IP addresses specified by the address.spec file. This program provides high performance address matching for any number of addresses.

RALABEL ADDRESS SPECIFICATION¶

Ralabel, reads a number of standard IANA IP address file formats that specific IPv4 addresses, CIDR addresses and IPV4 prefix address specification. Examples of these file types are provided in ./support/Config.

ralabel(1) specific options are:

-f label.strategy.specification.file

INVOCATION¶

This invocation reads argus(8) data from argusfile and labels records that match any options in the ralabel.conf file.



 


   ralabel -r argusfile -f ralabel.conf - ip

COPYRIGHT¶

AUTHORS¶

Carter Bullard (carter@qosient.com).

12 August 2003

ralabel 3.0.8

Source file:	ralabel.1.en.gz (from argus-client 3.0.8.2-4.2)
Source last updated:	2024-02-20T10:28:13Z
Converted to HTML:	2024-12-31T00:56:35Z