Python Integration

Read Netcap Audit records from Python

Source Code

The Python library for interacting with netcap audit records has been published here:

GitHub - dreadl0ck/pynetcap: Access to NETCAP audit records from PythonGitHub

Usage

Read into python dictionary

Currently it is possible to retrieve the audit records as python dictionary:

#!/usr/bin/python

import pynetcap as nc

reader = nc.NCReader('pcaps/HTTP.ncap.gz')

reader.read(dataframe=False)
print("RECORDS:")
print(reader.records)

Read into pandas dataframe

Retrieving the audit records as pandas dataframe:

#!/usr/bin/python

import pynetcap as nc

reader = nc.NCReader('pcaps/HTTP.ncap.gz')

reader.read(dataframe=True)
print("[INFO] completed reading the audit record file:", reader.filepath)
print("DATAFRAME:")
print(reader.df)

PreviousDevice Profiles NextChangelog

Last updated 6 years ago