Filtering and Export
Process Netcap audit records and extract the data you are interested in
Exporting Data with net.dump
Netcap offers a simple interface to filter for specific fields and select only those of interest. Filtering and exporting specific fields can be performed with all available audit record types, over a uniform command-line interface. By default, output is generated as CSV with the field names added as first line. It is also possible to use a custom separator string. Fields are exported in the order they are named in the select statement. Sub structures of audit records (for example IPv4Options from an IPv4 packet), are converted to a human readable string representation. More examples for using this feature on the command-line can be found in the usage section.
Netcap offers a simple command-line interface to select fields of interest from the gathered audit records.
Examples
Show available header fields:
Print all fields for the supplied audit record:
Selecting fields will also define their order:
Print selection in the supplied order and convert timestamps to UTC time:
To save the output into a new file, simply redirect the standard output:
Last updated