Python Integration
Read Netcap Audit records from Python

Source Code

The Python library for interacting with netcap audit records has been published here:
GitHub - dreadl0ck/pynetcap: Access to NETCAP audit records from Python
GitHub

Usage

Read into python dictionary

Currently it is possible to retrieve the audit records as python dictionary:
1
#!/usr/bin/python
2
3
import pynetcap as nc
4
5
reader = nc.NCReader('pcaps/HTTP.ncap.gz')
6
7
reader.read(dataframe=False)
8
print("RECORDS:")
9
print(reader.records)
Copied!

Read into pandas dataframe

Retrieving the audit records as pandas dataframe:
1
#!/usr/bin/python
2
3
import pynetcap as nc
4
5
reader = nc.NCReader('pcaps/HTTP.ncap.gz')
6
7
reader.read(dataframe=True)
8
print("[INFO] completed reading the audit record file:", reader.filepath)
9
print("DATAFRAME:")
10
print(reader.df)
Copied!
Last modified 2yr ago