DESCRIPTION

flow-cat 1 flow-cat Concatenate flow files flow-cat -aghmp -b big|little -C comment -d debug_level -o filename -t start_time -T start_time -z z_level file|directory DESCRIPTION The flow-cat utility processes files and/or directories of files in the flow-tools format. The resulting concatenated data set is written to the standard output or file specified by . If file is a single dash (`-') or absent, flow-cat will read from the standard input. OPTIONS -a Do not ignore filenames that begin with tmp. -b big|little Byte order of output. -C Comment Add a comment. -d debug_level Enable debugging. -g Sort file list by capture start time before processing. -h Display help. -m Disable the use of mmap(). -p Preload headers. Use to preserve meta information such as lost flows. -o file Write to file instead of the standard out. -t start_time Select flow files up to start_time. If used with -T select files between start_time and end_time. -T end_time Select flow files after end_time. If used with -t select files between start_time and end_time. -z z_level Configure compression level to z_level. 0 is disabled (no compression), 9 is highest compression. file|directory... Process the files and/or directory. TIME/DATE parsing start_time and end_time parsing is implemented with getdate.y, a commonly used function to process free-form time date specifications. Example usage borrowed from cvs: 1 month ago 2 hours ago 400000 seconds ago last year last Monday yesterday a fortnight ago 3/31/92 10:00:07 PST January 23, 1987 10:05pm 22:00 GMT EXAMPLES Concatenate all flow files begining with ft-v05.2001-05.01, use flow-print to display the results. flow-cat ft-v05.2001-05-01.* | flow-print Concatenate flow files in /flows/krc4, store store the output in compressed.flows at compression level 9 (best). The headers are preloaded so various metadata such as the flow count is correct in the result. Filenames begining with tmp which are typically in-progress flow files from flow-capture are not processed. flow-cat -p -z9 /flows/krc4 > compressed.flows BUGS None known. AUTHOR Mark Fullmer maf@splintered.net SEE ALSO flow-tools(1)