DOKK / manpages / debian 11 / argus-client / ralabel.1.en
RALABEL(1) General Commands Manual RALABEL(1)

ralabel - inserts fixed form or free form metadata labels into argus(8). ralabel supports a number of strategies for labeling including 1) address based, providing free form metadata, country code, geo data and fully qualified domain name (FQDN) labeling; 2)port based, providing free form labels using IANA port definitions, and 3) flow filter, providing free form labels based on argus filter specicfications.

ralabel -f address.file [raoptions] [-- filter-expression]

Ralabel reads argus data from an argus-data source, and selects records that include IP addresses specified by the address.spec file. This program provides high performance address matching for any number of addresses.

Ralabel, reads a number of standard IANA IP address file formats that specific IPv4 addresses, CIDR addresses and IPV4 prefix address specification. Examples of these file types are provided in ./support/Config.

ralabel(1) specific options are:

This invocation reads argus(8) data from argusfile and labels records that match any options in the ralabel.conf file.



ralabel -r argusfile -f ralabel.conf - ip

Copyright (c) 2000-2016 QoSient. All rights reserved.

ralabel.conf.5, ra(1), rarc(5), argus(8),

Carter Bullard (carter@qosient.com).
12 August 2003 ralabel 3.0.8