ArgusEye is a GUI for some of the features of Argus. Argus is a powerful suite of tools for transaction-based network auditing. ArgusEye aims at supporting daily work with Argus by providing a graphical user interface.
Tags: Communications Security Networking Monitoring Internet Utilities
Release Notes: ArgusEye 0.0.5 was a major rewrite for better performance and modularity. Unfortunately, that left dependencies on development modules and broke some functionality. Version 0.0.6 repairs whois/hostname lookups, port translation, and display filtering.
Release Notes: A live-reading capability was added for remote Argus daemons. Distributed sensors can be managed using a configuration editor. Performance for reading files was improved. Memory leaks in transaction view were fixed.
Release Notes: Improved transaction view performance with multiple views for different files, hostname and whois lookups for IP addresses, a marker feature for specific IP addresses, and on-the-fly syntax checking for Ra filters and display filters.
Release Notes: ArgusEye can now read tcpdump capture files on the fly. tcpdump files compressed with gzip, compress, or bzip2 are supported as well. Parsing of Argus state change flags, real TCP flags, and user data bytes has been added. For each transaction, a separate details window is available. The Ra filter and timerange expressions are now automatically saved for reuse and can be selected from a drop-down menu.
No changes have been submitted for this release.