Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
BRO-CUT(1)			 User Commands			    BRO-CUT(1)

NAME
       bro-cut - parse Bro logs

SYNOPSIS
       bro-cut [options] [columns]

DESCRIPTION
       Extracts	 the  given columns from ASCII Bro logs	on standard input, and
       outputs them to standard	output.	 If no columns are given, all are  se-
       lected.	By  default,  bro-cut does not include format header blocks in
       the output.

       Columns are specified as	a list of space-separated  field  names.   The
       order  of  field	 names	given  to bro-cut determines the output	order,
       which means bro-cut can be used to reorder columns.

       The ASCII Bro logs read on  standard  input  must  have	intact	format
       header  blocks  because bro-cut needs this information to correctly in-
       terpret the log file format.  In	fact, bro-cut can process the concate-
       nation of multiple ASCII	log files that have different column layouts.

OPTIONS
       -c     Include the first	format header block into the output.

       -C     Include all format header	blocks into the	output.

       -d     Convert time values into human-readable format.

       -D <fmt>	Like -d, but specify format for	time (see strftime(3) for syn-
	      tax).

       -F <ofs>	Sets a different output	field separator.

       -n     Print all	fields except those specified.

       -u     Like -d, but print timestamps in UTC instead of local time.

       -U <fmt>	Like -D, but print timestamps in UTC instead of	local time.

ENVIRONMENT
       BRO_CUT_TIMEFMT
	      For time conversion option -d or -u, the format  string  can  be
	      specified	by setting this	environment variable.

EXAMPLES
       Output three columns and	convert	time values:
       cat conn.log | bro-cut -d ts id.orig_h id.orig_p

       Output all columns and convert time values with a custom	format string:
       cat conn.log | bro-cut -D "%Y-%m-%d %H:%M:%S"

SEE ALSO
       strftime(3)

AUTHOR
       bro-cut was written by The Bro Project <info@bro.org>.

bro-cut				 November 2014			    BRO-CUT(1)

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | ENVIRONMENT | EXAMPLES | SEE ALSO | AUTHOR

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=bro-cut&sektion=1&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help