GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  BRO-CUT (1)

NAME

bro-cut - parse Bro logs

CONTENTS

Synopsis
Description
Options
Environment
Examples
See Also
Author

SYNOPSIS

bro-cut [options] [columns]

DESCRIPTION

Extracts the given columns from ASCII Bro logs on standard input, and outputs them to standard output. If no columns are given, all are selected. By default, bro-cut does not include format header blocks in the output.

Columns are specified as a list of space-separated field names. The order of field names given to bro-cut determines the output order, which means bro-cut can be used to reorder columns.

The ASCII Bro logs read on standard input must have intact format header blocks because bro-cut needs this information to correctly interpret the log file format. In fact, bro-cut can process the concatenation of multiple ASCII log files that have different column layouts.

OPTIONS

-c Include the first format header block into the output.
-C Include all format header blocks into the output.
-d Convert time values into human-readable format.
-D <fmt> Like -d, but specify format for time (see strftime(3) for syntax).
-F <ofs> Sets a different output field separator.
-n Print all fields except those specified.
-u Like -d, but print timestamps in UTC instead of local time.
-U <fmt> Like -D, but print timestamps in UTC instead of local time.

ENVIRONMENT

BRO_CUT_TIMEFMT
  For time conversion option -d or -u, the format string can be specified by setting this environment variable.

EXAMPLES

Output three columns and convert time values:
cat conn.log | bro-cut -d ts id.orig_h id.orig_p

Output all columns and convert time values with a custom format string:
cat conn.log | bro-cut -D "%Y-%m-%d %H:%M:%S"

SEE ALSO

strftime(3)

AUTHOR

bro-cut was written by The Bro Project <info@bro.org>.
Search for    or go to Top of page |  Section 1 |  Main Index


bro-cut BRO-CUT (1) November 2014

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.