forked from dreadl0ck/netcap
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathnet.dump.conf
59 lines (40 loc) · 1.13 KB
/
net.dump.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# NETCAP config for dump tool
# Generated by NETCAP v0.5.2
# You can regenerate an up to date default configuration with:
# $ net <tool> -gen-config > net.<tool>.conf
# begin character for a structure in CSV output
begin (
# force colors
c false
# read configuration from file at path
config
# print output data as csv with header line
csv false
# end character for a structure in CSV output
end )
# print available fields for an audit record file and exit
fields false
# print audit record file header and exit
header false
# print as JSON
json false
# set size for membuf
membuf-size 12582912
# read specified file, can either be a pcap or netcap audit record file
read
# select specific fields of an audit records when generating csv or tables
select
# set separator string for csv output
sep ,
# print output as structured objects
struc true
# separator character for a structure in CSV output
struct-sep -
# print output as table view (thanks @evilsocket)
table false
# print output as tab separated values
tsv false
# print timestamps as UTC when using select csv
utc false
# print netcap package version and exit
version false