bionic (1) flow-cat.1.gz

Provided by: flow-tools_0.68-12.5build3_amd64 bug

flow-cat(1)                                  General Commands Manual                                 flow-cat(1)

NAME

       flow-cat — Concatenate flow files

SYNOPSIS

       flow-cat  [-aghmp]   [-b big|little]  [-C comment]  [-d debug_level]  [-o filename]  [-t start_time]  [-T
       start_time]  [-z z_level]  [file|directory ...]

DESCRIPTION

       The flow-cat utility processes files and/or directories of files in the flow-tools format.  The resulting
       concatenated  data  set  is  written to the standard output or file specified by -o.  If file is a single
       dash (`-') or absent, flow-cat will read from the standard input.

OPTIONS

       -a        Do not ignore filenames that begin with tmp.

       -b big|little
                 Byte order of output.

       -C Comment
                 Add a comment.

       -d debug_level
                 Enable debugging.

       -g        Sort file list by capture start time before processing.

       -h        Display help.

       -m        Disable the use of mmap().

       -p        Preload headers.  Use to preserve meta information such as lost flows.

       -o file   Write to file instead of the standard out.

       -t start_time
                 Select flow files up to start_time.  If used  with  -T  select  files  between  start_time  and
                 end_time.

       -T end_time
                 Select  flow  files  after  end_time.   If  used  with  -t  select files between start_time and
                 end_time.

       -z z_level
                 Configure compression level to   z_level.   0  is  disabled  (no  compression),  9  is  highest
                 compression.

       file|directory...
                 Process the files and/or directory.

TIME/DATE parsing

       start_time  and end_time parsing is implemented with getdate.y, a commonly used function to process free-
       form time date specifications.  Example usage borrowed from cvs:
           1 month ago
           2 hours ago
           400000 seconds ago
           last year
           last Monday
           yesterday
           a fortnight ago
           3/31/92 10:00:07 PST
           January 23, 1987 10:05pm
           22:00 GMT

EXAMPLES

       Concatenate all flow files begining with ft-v05.2001-05.01, use flow-print to display the results.

           flow-cat ft-v05.2001-05-01.* | flow-print

       Concatenate flow files in /flows/krc4, store store the output in compressed.flows at compression level  9
       (best).   The  headers are preloaded so various metadata such as the flow count is correct in the result.
       Filenames begining with tmp which  are  typically  in-progress  flow  files  from  flow-capture  are  not
       processed.

           flow-cat -p -z9 /flows/krc4 > compressed.flows

BUGS

       None known.

AUTHOR

       Mark Fullmer maf@splintered.net

SEE ALSO

       flow-tools(1)

                                                                                                     flow-cat(1)