There are a couple of Perl scripts that come with argus 3 for processing argus data. If you haven't used them, do try them out; here I will just show the results generated by those scripts:
shell>perl ./raips -r ~/pcap-repo/anubis.arg3
Raips will generate all unique IP addresses that are seen in the argus data.
shell>perl ./rahosts -r ~/pcap-repo/anubis.arg3
192.168.0.2: (3) 18.104.22.168, 22.214.171.124, 192.168.0.1
Rahosts will generate a host report, telling you the hosts that initiate network connections (transmitters) and the destination hosts that are probed (receivers). You may get an array of IP addresses in the same network if there is network scanning or worm outbreak activity.
shell>perl ./raports -r ~/pcap-repo/anubis.arg3
126.96.36.199 tcp: (1) 80
192.168.0.1 udp: (1) 53
188.8.131.52 tcp: (1) 1433
Raports will generate the port report, but only for the server side, which means the ports that are probed by any host.
If you are not satisfied with the results generated by those scripts, you are free to modify them to fit your needs. Basically, Carter is just demonstrating what you can do with argus data using some scripting capabilities.
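As an added example (not one of the scripts shipped with argus), here is a small post-processor for the rahosts report that flags transmitters whose receivers cluster in one network, the scanning or worm pattern mentioned above. It assumes the line format shown in the rahosts output above; the function names, the /24 grouping, the threshold of 5 and the sample report (built from documentation address ranges) are all assumptions made for illustration.

```python
import ipaddress
import re
from collections import Counter

# Line shape taken from the rahosts output shown above:
#   "<transmitter>: (<count>) <receiver>, <receiver>, ..."
LINE_RE = re.compile(r"^\s*(\S+):\s+\((\d+)\)\s+(.+?)\s*$")

def parse_rahosts(text):
    """Return {transmitter: [receiver addresses]}; malformed lines are skipped."""
    hosts = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        src, _count, rest = m.groups()
        for tok in rest.split(","):
            try:
                addr = ipaddress.ip_address(tok.strip())
            except ValueError:
                continue  # token is not a plain IP address
            hosts.setdefault(src, []).append(addr)
    return hosts

def fanout_suspects(hosts, prefix=24, threshold=5):
    """Flag transmitters with >= threshold distinct receivers in one /prefix."""
    suspects = {}
    for src, receivers in hosts.items():
        per_net = Counter(
            ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
            for ip in set(receivers) if ip.version == 4
        )
        hits = sorted((str(net), n) for net, n in per_net.items() if n >= threshold)
        if hits:
            suspects[src] = hits
    return suspects

# Constructed sample report (documentation ranges, not real capture data).
SAMPLE = """\
192.0.2.10: (3) 198.51.100.7, 203.0.113.9, 192.0.2.1
192.0.2.66: (6) 198.51.100.1, 198.51.100.2, 198.51.100.3, 198.51.100.4, 198.51.100.5, 203.0.113.80
"""

if __name__ == "__main__":
    for src, nets in fanout_suspects(parse_rahosts(SAMPLE)).items():
        for net, n in nets:
            print(f"{src} contacted {n} hosts in {net}")
```

To use it on real data, save the rahosts output to a file and pass its contents to parse_rahosts; tune the prefix and threshold to the size of the networks you monitor.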