flow-cat(1)                 General Commands Manual                flow-cat(1)
2
3
4

NAME
6       flow-cat — Concatenate flow files
7

SYNOPSIS
9       flow-cat [-aghmp]  [-b big|little]  [-C comment]  [-d debug_level]  [-o
10       filename]  [-t start_time]  [-T start_time]  [-z z_level]  [file|direc‐
11       tory ...]
12

DESCRIPTION
14       The flow-cat utility processes files and/or directories of files in the
15       flow-tools format.  The resulting concatenated data set is  written  to
16       the  standard output or file specified by -o.  If file is a single dash
17       (`-') or absent, flow-cat will read from the standard input.
18

OPTIONS
20       -a        Do not ignore filenames that begin with tmp.
21
22       -b big|little
23                 Byte order of output.
24
25       -C Comment
26                 Add a comment.
27
28       -d debug_level
29                 Enable debugging.
30
31       -g        Sort file list by capture start time before processing.
32
33       -h        Display help.
34
35       -m        Disable the use of mmap().
36
37       -p        Preload headers.  Use to preserve meta  information  such  as
38                 lost flows.
39
40       -o file   Write to file instead of the standard out.
41
42       -t start_time
43                 Select  flow  files up to start_time.  If used with -T select
44                 files between start_time and end_time.
45
46       -T end_time
47                 Select flow files after end_time.  If  used  with  -t  select
48                 files between start_time and end_time.
49
50       -z z_level
51                 Configure  compression  level to  z_level.  0 is disabled (no
52                 compression), 9 is highest compression.
53
54       file|directory...
55                 Process the files and/or directory.
56

TIME/DATE parsing
58       start_time and end_time parsing is implemented with getdate.y,  a  com‐
59       monly  used  function  to  process  free-form time date specifications.
60       Example usage borrowed from cvs:
61           1 month ago
62           2 hours ago
63           400000 seconds ago
64           last year
65           last Monday
66           yesterday
67           a fortnight ago
68           3/31/92 10:00:07 PST
69           January 23, 1987 10:05pm
70           22:00 GMT
71

EXAMPLES
73       Concatenate all flow files begining with ft-v05.2001-05.01,  use  flow-
74       print to display the results.
75
76           flow-cat ft-v05.2001-05-01.* | flow-print
77
78       Concatenate  flow  files in /flows/krc4, store store the output in com‐
79       pressed.flows at compression level 9 (best).  The headers are preloaded
80       so  various  metadata  such as the flow count is correct in the result.
81       Filenames begining with tmp which are typically in-progress flow  files
82       from flow-capture are not processed.
83
84           flow-cat -p -z9 /flows/krc4 > compressed.flows
85

BUGS
87       None known.
88

AUTHOR
90       Mark Fullmer maf@splintered.net
91

SEE ALSO
93       flow-tools(1)
94
95
96
97                                                                   flow-cat(1)



        

    


            
        

        

            Impressum