Development
Credits
Kudos must continue to be hurled at those on the argus mailing list that contributed so much over all the years, especially to:
Peter Van Epp | Russell Fulton | Eric Pancer |
CS Lee | Nick Diel | Mike Iglesias |
Rodney McKee | Wolfgang Barth | Phillip Deneault |
Robin Gruyters | Scott McIntyre | Michael Hornung |
Mike Newton |
Of course, many thanks to Mark Poepping at CMU for his continued support and his help with all things: resources, configuration, SASL, and debugging support.
Historical thanks to the late Dr. Hank Dardy of the U.S. Naval Research Laboratory (NRL) for his amazing support of flow monitoring and the great people at NRL that provided support, opinions, suggestions, criticisms and/or attitude about high performance flows when there was a reason:
Basil Decina | Larry O'Ferrall | Cho Chang |
Chas Williams | Eric Kinzie | Heidi Hornstein |
Marian Dowling | Dave Burton |
License
Argus is licensed under the GNU General Public License. A copy of the license is provided in both the client and server distribution software.
Other licensing agreements are available for commercial, governmental and educational users. For more information please contact
To Do List
This is a list of features that we are either currently working on in the next release of argus and argus-clients or are things we are thinking about on the developers list. This is not at all a complete list of interesting things to do, and a lot of simple stuff is obviously missing, like Visualization, or Nagios integration, or SIEM integration. Please feel free to comment and contribute to this list through the developers mailing list.
Argus[-clients]-3.0.8
The formal efforts we currently plan to add to argus-3.1.0 are:
1 | Better multi-core support for argus, radium, and database support to improve performance and to support new emerging vendor technologies [ Continuing ] |
2 | Improve GLORIAD ELK (Elasticsearch, Logstash, Kibana) Argus data integration (need partners for this) [ Pending ] |
3 | Continue to add attributes to argus data to improve its ability to support Network Operations, Performance and Security management. In particular, to add control plane flow monitoring and host based information elements, such as user and process identifiers, to flow data. [ Done, and Continuing ] |
4 | Introduce Mac OS X visualization and data management applications into the open source code base, and improve on our globe and our 3D visualization methods. [ Pending ] |
5 | Ports to more devices, such as LinkSys, Apple TV, Samsung Home Devices |
6 | Improve and document what we've got. [ Working Items ] |
These 6 items include the issues described below:
Full multi-threaded model for argus packet processing. This is designed to turn on a few more of your cores for flow processing.
Argus "events" modules. Provide support for argus to inject non-flow data/metrics into the argus data stream, such as SNMP MIB derived data or /dev/proc data (for machines that have /dev/proc). The purpose of this is to bring other data into the flow data stream for cross-dimensional correlation. The #1 goal is to provide a mechanism so that argus clients can get application information for the network flows that are being monitored. This is currently working very well in a number of test sites; however, we need work on client parsers for the data types that we report.
Wireless Argus. There are a huge number of operations, performance and security issues that can be addressed with better 802.11a/b/g/n monitoring. Argus runs in laptops, wireless workstations, and OpenWRT based wireless routers. This project will extend argus to provide radio control plane flows, to understand key exchanges, the emergence of new end systems, etc. Suggestions for tracking wireless hosts for operations, performance and security will be most welcome indeed.
Porting Argus to relevant IoT devices to provide ops, performance and security awareness. Argus is running very well in LinkSys OpenWRT based wireless routers, laptops, tablets and some Android phones. Getting Argus into as many end systems as possible is a goal for 2017.