search
Ctrlk
OverviewGitHubHomepageGoDoc

Filtering and Export

Process Netcap audit records and extract the data you are interested in

hashtag
Exporting Data with net.dump

Netcap offers a simple interface to filter for specific fields and select only those of interest. Filtering and exporting specific fields can be performed with all available audit record types, over a uniform command-line interface. By default, output is generated as CSV with the field names added as first line. It is also possible to use a custom separator string. Fields are exported in the order they are named in the select statement. Sub structures of audit records (for example IPv4Options from an IPv4 packet), are converted to a human readable string representation. More examples for using this feature on the command-line can be found in the usage section.

NETCAP filtering and export

Netcap offers a simple command-line interface to select fields of interest from the gathered audit records.

hashtag
Examples

Show available header fields:

Print all fields for the supplied audit record:

Selecting fields will also define their order:

Print selection in the supplied order and convert timestamps to UTC time:

To save the output into a new file, simply redirect the standard output:

PreviousWorkersNextDownloads

Last updated