Carter Bullard edited this page Mar 21, 2022 · 31 revisions

Welcome

Welcome to the openargus clients wiki! Here we'll try to use GitHub to develop some new features.

In preparation for Argus 4.0, we're going to move some of ArgusPro's features to open source, such as JSON processing and importing other flow data into the Argus processing system.

Argus 4.0 is focused on generating argus data in endpoints. This is critical to getting the granular visibility needed for real cyber detection and forensics. As a part of improving visibility throughout the network, we're also going to import data from other flow systems. In particular, we'll want to import Zeek connection logs, as many organizations generate Zeek data.

Argus can natively read Netflow V 4,5 and flow-tools flow formats. We'll add importing / converting JSON-formatted Zeek conn.logs into Argus binary formats using our existing program raconvert.1. We're using JSON because we have added JSON processing to the argus client library, but we can do non-JSON formats as well.
