Utils

Utils for working with netcap audit records

Validate generated Output

To ensure values in the generated CSV would not contain the separator string, the -check flag can be used.

This will determine the expected number of separators for the audit record type, and print all lines to stdout that do not have the expected number of separator symbols. The separator symbol will be colored red with ansi escape sequences and each line is followed by the number of separators in red color.

The -sep flag can be used to specify a custom separator.

$ net.util -r TCP.ncap.gz -check
$ net.util -r TCP.ncap.gz -check -sep=";"