이진 내가 사용 CSV 형식으로이 파일의 버전을 만들 것입니다 어떻게 기본 바이너리 형식Nfdump의 nfcapd 파일 - nfdump에서 생산 nfcapd 파일을 감안할 때 csv 파일 변환
에 nfcapd.2017 nfdump?
나는 nfdump -r nfcapd.2017 -w이를 새 -o CSV를 사용하여 시도하지만 이진 nfdump 형식으로 작성하기위한 -w 옵션은
작동하지 않는 것 (또는 실제로 nfcapd 형식).
nfdump -r nfcapd.2017 -o csv ts,te,td,sa,da,sp,dp,pr,flg,fwd,stos,ipkt,ibyt,opkt,obyt,in,out,sas,das,smk,dmk,dtos,dir,nh,nhb,svln,dvln,ismc,odmc,idmc,osmc,mpls1,mpls2,mpls3,mpls4,mpls5,mpls6,mpls7,mpls8,mpls9,mpls10,cl,sl,al,ra,eng,exid,tr 2018-01-16 16:33:14,2018-01-16 16:33:14,0.003,192.168.2.204,224.0.0.251,5353,5353,UDP,......,0,0,2,691,0,0,0,0,0,0,0,0,0,0,0.0.0.0,0.0.0.0,0,0,00:00:00:00:00:00,00:00:00:00:00:00,00:00:00:00:00:00,00:00:00:00:00:00,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0, 0.000, 0.000, 0.000,0.0.0.0,0/0,1,1970-01-01 01:00:00.000 2018-01-16 16:33:14,2018-01-16 16:33:14,0.000,192.168.2.204,192.168.2.70,55925,50767,UDP,......,0,0,1,546,0,0,0,0,0,0,0,0,0,0,0.0.0.0,0.0.0.0,0,0,00:00:00:00:00:00,00:00:00:00:00:00,00:00:00:00:00:00,00:00:00:00:00:00,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0,0-0-0, 0.000, 0.000, 0.000,0.0.0.0,0/0,1,1970-01-01 01:00:00.000 ...
을 그리고 CSV 파일을 얻을 수있는 출력을 리디렉션 : 간단하게 CSV에 출력을 생략
nfdump -r nfcapd.2017 -o csv > nfcapd.2017.csv