FLOWD-READER(8) BSD System Manager's Manual FLOWD-READER(8)NAMEflowd-reader — Read, filter and concatenate binary flowd logfiles
SYNOPSISflowd-reader [-LUvqd] [-H num_flows] [-f filter_file] [-o output_file]
flow_log [flow_log] [...]
DESCRIPTIONflowd-reader is a program to read, filter and/or concatenate flowd(8)
binary log files.
If only flow_log arguments are specified, flowd-reader will read each of
the log files and print their contents to standard output.
Filtering may be performed by specifying a filter_file using the -f
option. In this mode, flowd-reader will filter the flows it reads from
the flow_log file(s) before printing them.
Finally, the -o option may be used to specify a output_path to which all
the flows that have been read and passed any filters are written.
The command-line options are as follows:
-H num_flows
head(1) mode. Read only the first num_flows of the file.
-L Allows flowd-reader to read legacy version 2 flow logs (generated
by flowd(8) versions prior to v9.0). This may be used to convert
old flow logs to the newer form.
-U Causes flowd-reader to report all timestamps in UTC rather than
the local timezone.
-d Display debugging information, including the number of filter
matches if one has been specified.
-f filter_file
Specify a filter_file. containing filtering and field selection
rules to apply to the flows that are loaded. These rules may
contain store directives and filter rules as described in the
flowd.conf(5) manual (under the Storage field selection and
Filter sections respectively.) Any other directives are ignored.
If no store directives are specified in the filter_file then the
default is to preserve all the fields in the input flow logs.
-q Operate quietly. If this argment is specified, flowd-reader will
not display the flows it is processing. This may be useful in
conjunction with the -f option.
-o output_file
Specify an output_file to which all flows that have been read and
have passed any filters are written. The flows are written in
the flowd binary log format. This option is useful when filter‐
ing or concatenating flow log files.
-v Reports all information in the flow log, rather than the default
brief subset.
-h Displays commandline usage information.
AUTHORS
Damien Miller <djm@mindrot.org>
SEE ALSOflowd(8), flowd.conf(5)BSD July 30, 2004 BSD