NAME

SYNOPSIS

DESCRIPTION

If only flow_log arguments are specified, flowd-reader will read each of the log files and print their contents to standard output.

Filtering may be performed by specifying a filter_file using the -f option. In this mode, flowd-reader will filter the flows it reads from the flow_log file(s) before printing them.

Finally, the -o option may be used to specify a output_path to which all the flows that have been read and passed any filters are written.

The command-line options are as follows:

-H num_flows

head(1) mode. Read only the first num_flows of the file.

-L

Allows flowd-reader to read legacy version 2 flow logs (generated by flowd(8) versions prior to v9.0). This may be used to convert old flow logs to the newer form.

-U

Causes flowd-reader to report all timestamps in UTC rather than the local timezone.

-d

Display debugging information, including the number of filter matches if one has been specified.

-f filter_file

Specify a filter_file. containing filtering and field selection rules to apply to the flows that are loaded. These rules may contain store directives and filter rules as described in the flowd.conf(5) manual (under the Storage field selection and Filter sections respectively.) Any other directives are ignored. If no store directives are specified in the filter_file then the default is to preserve all the fields in the input flow logs.

-q

Operate quietly. If this argment is specified, flowd-reader will not display the flows it is processing. This may be useful in conjunction with the -f option.

-o output_file

Specify an output_file to which all flows that have been read and have passed any filters are written. The flows are written in the flowd binary log format. This option is useful when filtering or concatenating flow log files.

-v

Reports all information in the flow log, rather than the default brief subset.

-h

Displays commandline usage information.

AUTHORS

SEE ALSO