argus-client 1:3.0.8.2-3 / etc / radium.conf

This file is indexed.

/etc/radium.conf is in argus-client 1:3.0.8.2-3.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
# 
#  Radium Software
#  Copyright (c) 2000-2016 QoSient, LLC
#  All rights reserved.
# 
#  This program is free software; you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation; either version 2, or (at your option)
#  any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
# 
# Example  radium.conf
#
# Radium will open this radium.conf if its installed as /etc/radium.conf.
# It will also search for this file as radium.conf in directories
# specified in $RADIUMPATH, or $RADIUMHOME, $RADIUMHOME/lib,
# or $HOME, $HOME/lib, and parse it to set common configuration
# options.  All values in this file can be overriden by command
# line options, or other files of this format that can be read in
# using the -F option.
#
#
# Variable Syntax
# 
# Variable assignments must be of the form:
#
#   VARIABLE=
#
# with no white space between the VARIABLE and the '=' sign.
# Quotes are optional for string arguements, but if you want
# to embed comments, then quotes are required.
#
#
# Variable Explanations
#
# Radium is capable of running as a daemon, doing all the right things
# that daemons do.  When this specific configuration file is used 
# to configure the system daemon process (/etc/radium.conf) this
# variable should be set to "yes".
#
# The default value is to not run as a daemon.
#
# This example is to support the ./support/Startup/radium script
# which requires that this variable be set to "yes".
#
# Commandline equivalent   -d
#

#RADIUM_DAEMON=yes


# Radium Monitor Data is uniquely identifiable based on the source
# identifier that is included in each output record.  This is to
# allow you to work with Argus Data from multiple monitors at the
# same time.  The ID is 32 bits long, and supports a number of
# formats as legitimate values. Radium supports unsigned ints, IPv4
# addresses and 4 bytes strings, as values.
#
# The formats are discerned from the values provided.  Double-quoted
# values are treated as strings, and are truncated to 4 characters.
# Non-quoted values are tested for whether they are hostnames, and if
# not, then they are tested wheter they are numbers.
#
# The configuration allows for you to use host names, however, do
# have some understanding how `hostname` will be resolved by the
# nameserver before commiting to this strategy completely.
#
# For convenience, argus supports the notion of "`hostname`" for
# assigning the probe's id.  This is to support management of
# large deployments, so you can have one argus.conf file that works
# for a lot of probes.
#
# For security, argus does not rely on system programs, like hostname.1.
# It implements the logic of hostname itself, so don't try to run
# arbitrary programs using this method, because it won't work.
#
# Commandline equivalent   -e
#

#RADIUM_MONITOR_ID=`hostname`    // IPv4 address returned
#RADIUM_MONITOR_ID=10.2.45.3     // IPv4 address
#RADIUM_MONITOR_ID=2435          // Number
#RADIUM_MONITOR_ID="en0"         // String


# If compiled to support this option, Radium is capable of
# generating a lot of debug information.
#
# The default value is zero (0).
#
# Commandline equivalent   -D
#
 
#RADIUM_DEBUG_LEVEL=0
 

# Radium will periodically report on a its own health, providing
# interface status, total packet and bytes counts, packet drop
# rates, and flow oriented statistics.
#
# These records can be used as "keep alives" for periods when
# there is no network traffic to be monitored.
#
# The default value is 60 seconds, but a value of 60 seconds is
# very common.
#
# Commandline equivalent   -M
#
 
#RADIUM_MAR_STATUS_INTERVAL=60
 

#
# Radium can attach to any number of remote argus data sources,
# argi or radii. The syntax for this variable is a URI that
# specifies the URI schema, with transport,  the hostname or a
# dot notation IP address, followed by an optional port value,
# separated by a ':'.  If the URI format is not specified,
# the URI schema and transport mechanism are the default, argus://
# If the port is not specified, the default value of 561 is used.
#
# Commandline equivalent   -S <argus://host[:port]>
# Commandline equivalent   -S <argus-tcp://host[:port]>
# Commandline equivalent   -S <argus-udp://host[:port]>
# Commandline equivalent   -S <cisco://host[:port]>
# Commandline equivalent   -S <host[:port]>
#

#RADIUM_ARGUS_SERVER=amon:12345
#RADIUM_ARGUS_SERVER=argus://amon:561
#RADIUM_ARGUS_SERVER=argus-tcp://thoth
#RADIUM_ARGUS_SERVER=argus-udp://apophis:562
#RADIUM_ARGUS_SERVER=cisco://192.168.0.4:9699


# You can provide a filter expression here, if you like.
# Radium will filter all input records based on this definition.
# It should be limited to 2K in length.  The default is to
# not filter.
#
# No Commandline equivalent
#
  
#RADIUM_FILTER=""


# Radium can adjust the timestamps in radium records as it receives
# them, based on the measured time difference between radium()
# and the sources.  The variable takes a threshold value in 
# seconds, so you can specify when to make a correction.
#
# No Commandline equivalent
#
  
#RADIUM_ADJUST_TIME=5


# Radium has filter capabilities that use a filter optimizer.
# If there is a need to not use this filter optimizer,
# you can turn it off here.  The default is to leave it on.
#
# Commandline equivalent   -O
#
 
#RADIUM_FILTER_OPTIMIZER=yes
 

# Radium can read Cicso Netflow records directly from Cisco
# routers.  Specifying this value will alert Radium to open
# a UDP based socket listening for data from this name or address.
#
# Commandline equivalent   -C
#

#RADIUM_CISCONETFLOW_PORT=9996


# When radium is compiled with SASL support, radium may be
# required to authenticate to the radium data source before data
# can be received.  This variable will allow one to
# set the user and authorization id's, if needed.  Although
# not recommended you can provide a password through the
# RADIUM_AUTH_PASS variable.  The format for this variable is:
#
# RADIUM_USER_AUTH="user_id/authorization_id"
#
# Commandline equivalent   -U
#

#RADIUM_USER_AUTH="user/auth"
#RADIUM_AUTH_PASS="password"
                                          

# Radium monitors can provide a real-time remote access port
# for other programs to collect Radium data.  This is a TCP based
# port service and the default port number is tcp/561, the
# "experimental monitor" service.  This feature is disabled by
# default, and can be forced off by setting it to zero (0).
#
# When you do want to enable this service, 561 is a good choice,
# as all ra* clients are configured to try this port by default.
#
# Commandline equivalent   -P
#

#RADIUM_ACCESS_PORT=561


# When remote access is enabled (see above), you can specify that Radium
# should bind only to a specific IP address. This is useful, for example,
# in restricting access to the local host, or binding to a private
# interface while capturing from another. The default is to bind to any
# IP address.
#
# Commandline equivalent  -B
#

#RADIUM_BIND_IP=127.0.0.1


#
# Radium can write its output to one or a number of files,
# default limit is 64 concurrent files, each with their own
# independant filters.
#
# The format is:
#      RADIUM_OUTPUT_FILE=/full/path/file/name
#      RADIUM_OUTPUT_FILE=/full/path/file/name "filter"
#
# Most sites will have radium write to a file, for reliablity 
# and performance.  The example file name used here supports
# the archive program ./support/Archive/radiumarchive
# which is  configured to use this file.
#
# Commandline equivalent   -w
#

#RADIUM_OUTPUT_FILE=/var/log/radium/radium.out



# Radium can write its output to one or a number of remote hosts.
# The default limit is 5 concurrent output streams, each with their
# own independant filters.
#
# The format is:
#      RADIUM_OUTPUT_STREAM="URI [filter]"
#      RADIUM_OUTPUT_STREAN="argus-udp://host:port 'tcp and not udp'"
#
# Most sites will have argus listen() for remote sites to request
# argus data, but for some sites and applications sending records without
# registration is desired.  This option will cause argus to transmit records
# that match the optional filter, to the configured targets using UDP as the
# transport mechanism.
#
# Commandline equivalent   -w argus-udp://host:port
#

#RADIUM_OUTPUT_STREAM=argus-udp://224.0.23.40:561



# Radium supports chroot(2) in order to control the file system that
# radium exists in and can access.  Generally used when radium is running
# with privleges, this limits the negative impacts that radium could
# inflict on its host machine.  
#  
# This option will cause the output file names to be relative to this
# directory, and so consider this when trying to find your output files.
#
# Commandline equivalent   -C
#
 
#RADIUM_CHROOT_DIR="/tmp"
 
 
# Radium can be directed to change its user id using the setuid() system
# call.  This is can used when radium is started as root, in order to
# access privleged resources, but then after the resources are opened,
# this directive will cause radium to change its user id value to
# a 'lesser' capable account.  Recommended when radium is running as a
# daemon. 
#
# Commandline equivalent   -u 
#  
 
#RADIUM_SETUSER_ID=user 
 
 
# Radium can be directed to change its group id using the setgid() system
# call.  This is can used when radium is started as root, in order to
# access privleged resources, but then after the resources are opened,
# this directive can be used to change argu's group id value to
# a 'lesser' capable account.  Recommended when radium is running as a
# daemon.
#
# Commandline equivalent   -g
#
 
#RADIUM_SETGROUP_ID=group
 

#
# Data transformation/processing is done on the complete set
# of input records, and all output from this radium node is
# transformed.  This makes cataloging and tracking the
# transformational nodes a bit easier.
#
# This example enables data classification/labeling.
# This function is enabled with a single radium configuration
# keyword RADIUM_CLASSIFIER, and then a ralabel() configuration
# file is provided.
#
# Commandline equivalent   none

#RADIUM_CLASSIFIER_FILE=/usr/argus/ralabel.conf

APT Browse - Built by Thomas Orozco.