NETCAP
Overview
GitHub
Homepage
GoDoc
Search…
v0.5
Overview
Audit Records
Specification
Installation
Quickstart
Configuration
Bash Completion
Packet Collection
Audit Record Labeling
HTTP Proxy
USB Capture
Payload Capture
Distributed Collection
Workers
Filtering and Export
Data Compression
Internals
Metrics
Resolvers
TLS Fingerprinting
Reassembly
Deep Packet Inspection
Live Capture
Maltego Integration
Logging
Packet Contexts
Industrial Control Systems
File Extraction
Email Extraction
Device Profiles
Python Integration
Changelog
Troubleshooting
Unit Tests
Extension
Downloads
Docker Containers
FAQ
Contributing
License
Powered By
GitBook
Python Integration
Read Netcap Audit records from Python
Source Code
The Python library for interacting with netcap audit records has been published here:
GitHub - dreadl0ck/pynetcap: Access to NETCAP audit records from Python
GitHub
Usage
Read into python dictionary
Currently it is possible to retrieve the audit records as python dictionary:
1
#!/usr/bin/python
2
​
3
import
pynetcap
as
nc
4
​
5
reader
=
nc
.
NCReader
(
'pcaps/HTTP.ncap.gz'
)
6
​
7
reader
.
read
(
dataframe
=
False
)
8
print
(
"RECORDS:"
)
9
print
(
reader
.
records
)
Copied!
Read into pandas dataframe
Retrieving the audit records as pandas dataframe:
1
#!/usr/bin/python
2
​
3
import
pynetcap
as
nc
4
​
5
reader
=
nc
.
NCReader
(
'pcaps/HTTP.ncap.gz'
)
6
​
7
reader
.
read
(
dataframe
=
True
)
8
print
(
"[INFO] completed reading the audit record file:"
,
reader
.
filepath
)
9
print
(
"DATAFRAME:"
)
10
print
(
reader
.
df
)
Copied!
Previous
Device Profiles
Next
Changelog
Last modified
3yr ago
Copy link
Contents
Source Code
Usage
Read into python dictionary
Read into pandas dataframe