Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
fstrm_capture(1)	    General Commands Manual	      fstrm_capture(1)

NAME
       fstrm_capture - Receive and save	Frame Streams data from	a socket.

SYNOPSIS
       fstrm_capture -t	content-type -w	filename
	    [ -u socket-path ] [ -a IP -p port ]
	    [ -c max-connections ] [ -b	buffer-size ]
	    [ -s seconds ] [ --gmtime ]	[ --localtime ]
	    [ -d [-d ...] ]

       fstrm_capture --type content-type --write filename
	    [ --unix socket-path ] [ --tcp IP --port port ]
	    [ --maxconns max-connections ] [ --buffersize buffer-size ]
	    [ --split seconds ]	[ --gmtime ] [ --localtime ]
	    [ --debug [--debug ...] ]

DESCRIPTION
       fstrm_capture  listens  on  a UNIX domain or TCP	socket,	receives Frame
       Streams data, and writes	the data to a file.

OPTIONS
       -w filename | --write filename
	      Write data to the	file filename.

	      If the --gmtime or --localtime option is given, filename is pre-
	      processed	 with strftime().  This	will allow specifying a	format
	      string which includes the	date and time, for  example,  for  the
	      created filename.

	      If  filename  is	"-"  and standard output is not	connected to a
	      terminal,	fstrm_capture will write to  standard  output.	Output
	      splitting	(-s) may not be	used with a filename of	"-".

	      Sending  SIGHUP  to fstrm_capture	will flush any buffered	output
	      to the file. Sending SIGUSR1 will	close and reopen the file.

       -t content-type | --type	content-type
	      Specify the content-type to receive from the socket and write to
	      the output filename.

       -u socket-path |	--unix socket-path
	      Listen  on  the  Unix domain socket socket-path to receive Frame
	      Streams data. Only one of	-u or -a may be	given.

       -a IP | --tcp IP
	      Listen for TCP  connections  on  address	IP  to	receive	 Frame
	      Streams  data.  Only one of -u or	-a may be given. Use of	-a re-
	      quires a port given with -p.

       -p port | --port	port
	      If -a is given, listen on	TCP port port to receive Frame Streams
	      data.

       -c max-conns | --maxconns max-conns
	      Allow  at	 most  max-conns concurrent connections. If not	speci-
	      fied, concurrent connections are not limited.

       -b buffersize | --buffersize buffersize
	      Set read buffer size to buffersize bytes.	Combined with -c, this
	      can  be  used  to	limit the total	memory usage of	fstrm_capture.
	      The  buffersize  also  affects  the  maximum  frame  size	 which
	      fstrm_capture  will  accept.  Frames larger than buffersize, in-
	      cluding the 4-byte framing overhead, will	be discarded.

	      The default buffersize is	262144 (256KiB).

       -s interval | --split interval
	      Reopen output file every interval	seconds. Requires the  use  of
	      either the --gmtime or --localtime options.

	      Note  that  this file rotation is	triggered by incoming data, so
	      it may be	delayed	after the interval.

       --gmtime
	      Process the --write filename through strftime() with the current
	      time  in	GMT.   This  --gmtime  option may be used to provide a
	      timestamped output file when starting fstrm_capture or when  re-
	      opening  an output file using the	--split	option or when receiv-
	      ing a SIGUSR1 signal.

       --localtime
	      Process the --write filename through strftime() with the current
	      time in the system local time zone.  This	--localtime option may
	      be used to provide  a  timestamped  output  file	when  starting
	      fstrm_capture or when reopening an output	file using the --split
	      option or	when receiving a SIGUSR1 signal.

       -d [ -d ... ] | --debug [ --debug ]
	      Increase debugging level.	Without	-d, fstrm_capture prints  only
	      critical error messages. Up to five -d options may be specified,
	      after which more repetitions will	have no	effect.

EXAMPLES
       Receive dnstap data and save to hourly rotating files (with a converted
       filename	such as	/var/log/dnstap/dnstap-2018-05-04-12:58:48.fstrm).

	    fstrm_capture -t protobuf:dnstap.Dnstap \
		 -u /var/run/named/dnstap.sock \
		 -w /var/log/dnstap/dnstap-%F-%T.fstrm \
		 -s 3600 --gmtime

SEE ALSO
       fstrm_dump(1), fstrm_replay(1), strftime(3),
       Frame Streams C Library https://farsightsec.github.io/fstrm

							      fstrm_capture(1)

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLES | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=fstrm_capture&sektion=1&manpath=FreeBSD+13.0-RELEASE+and+Ports>

home | help