Feature #1710
open
Unix socket: Send output to unix socket
Added by Fanny Dwargee almost 9 years ago.
Updated over 5 years ago.
Description
A new socket UNIX command for analyzing PCAP files and sending the resulting logs to a UNIX socket, instead of sending them to an output directory as it currently does, would be great.
This way we can parse the whole log output in memory without touching disk, increasing performance when analyzing PCAP files.
Cheers
- Assignee set to Anonymous
- Target version set to TBD
I like the idea, but I don't see the team having time for it anytime soon.
Btw, as a workaround you could configure most outputs to output to a unix socket. It would be a different socket than the control socket though.
Victor,
How can I differentiate between logs of each pcap file?
Victor Julien wrote:
Btw, as a workaround you could configure most outputs to output to a unix socket. It would be a different socket than the control socket though.
I see, just specifying a relative UNIX socket name as the output log file
Regards,
Fanny
- Subject changed from New socket UNIX command for pcap files to Unix socket: Send output to unix socket
- Effort set to medium
- Difficulty set to medium
Edit title. Was: New socket UNIX command for pcap files
- Assignee set to Community Ticket
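The workaround discussed in this thread, seen from the receiving side, as an added example that is not part of the ticket or the project's code: a consumer that creates the output socket with owner-only permissions and parses records in memory. It assumes the output is newline-delimited JSON sent over a stream socket that the producer connects to; the socket name, size cap and sample records are constructed for illustration.

```python
import json
import os
import socket
import tempfile

MAX_PARTIAL = 1 << 20  # assumed cap on one unterminated record, in bytes

def open_listener(path):
    """Create the socket the log producer connects to, accessible by owner only."""
    if os.path.exists(path):
        os.unlink(path)                 # stale socket left by a previous run
    old = os.umask(0o177)               # socket file is created with mode 0600
    try:
        srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        srv.bind(path)
    finally:
        os.umask(old)
    srv.listen(1)
    return srv

def read_events(conn, bufsize=65536):
    """Yield one parsed record per newline-terminated JSON line; skip bad lines."""
    buf = b""
    while chunk := conn.recv(bufsize):
        buf += chunk
        *lines, buf = buf.split(b"\n")  # last element is the unfinished record
        for line in lines:
            try:
                yield json.loads(line)
            except ValueError:
                continue                # blank or corrupt line: drop it
        if len(buf) > MAX_PARTIAL:
            buf = b""                   # never buffer an unbounded record

# Constructed sample records, not real sensor output.
SAMPLE = (b'{"event_type":"alert","src_ip":"192.0.2.10","alert":{"signature_id":1000001}}\n'
          b'not json\n'
          b'{"event_type":"dns","src_ip":"192.0.2.10"}\n')

def demo():
    path = os.path.join(tempfile.mkdtemp(), "eve.sock")  # hypothetical socket name
    srv = open_listener(path)
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as producer:
        producer.connect(path)          # stands in for the sensor
        producer.sendall(SAMPLE)
    conn, _ = srv.accept()
    events = list(read_events(conn, bufsize=16))  # records span several reads
    conn.close(); srv.close(); os.unlink(path)
    return events
```

The listener has to exist before the producer starts, and anything able to write to the socket can inject records, which is why the socket file is created with mode 0600.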