Feature #1710
openunix-socket: Send output to unix socket
Description
A new socket UNIX command for analyzing PCAP files and sending the resulting logs to a UNIX socket instead sending it to an output directory as currently does would be great.
This way we can parse the whole log output in memory without touching disk increasing the performance analyzing PCAP files.
Cheers
VJ Updated by Victor Julien about 10 years ago
- Assignee set to Anonymous
- Target version set to TBD
I like the idea, but I don't see the team having time for it anytime soon.
Btw, as a work around you could configure most outputs to output to unix socket. It would be a different socket than the control socket though.
FD Updated by Fanny Dwargee about 10 years ago
Victor,
How can I differentiate between logs of each pcap file?
Victor Julien wrote:
Btw, as a work around you could configure most outputs to output to unix socket. It would be a different socket than the control socket though.
FD Updated by Fanny Dwargee about 10 years ago
I see, just specifying a relative UNIX socket name as the output log file
Regards,
Fanny
JI Updated by Jason Ish almost 8 years ago
- Subject changed from New socket UNIX command for pcap files to Unix socket: Send output to unix socket
- Effort set to medium
- Difficulty set to medium
Edit title. Was: New socket UNIX command for pcap files
AH Updated by Andreas Herz about 7 years ago
- Assignee set to Community Ticket
VJ Updated by Victor Julien 5 months ago
- Subject changed from Unix socket: Send output to unix socket to unix-socket: Send output to unix socket