tcpdump mailing list archives
Re: Multiline output
From: Guy Harris <guy () netapp com>
Date: Mon, 16 Dec 2002 11:29:47 -0800
On Mon, Dec 16, 2002 at 11:29:11AM -0500, George Bakos wrote:
1. Would there be interest in a commandline option "-y" fo syslog-style single-line output? Most of the newline characters could be replaced, conditionally, with commas, leaving a much cleaner output stream for machine parsing.
That might be useful. However, we might also want a policy of "tcpdump, without any -v flags, outputs only one line per packet, period", and require "-v" or "-vv" to get multi-line output. Of course, one headache here is that tcpdump is producing output intended for humans to read, and it's often hard for scripts to parse that output; an option to produce output intended for other pieces of software to read might be useful.
2. Would there be broad enough interest in providing compile-time options such as: --disable-bgp, --disable-isakmp, etc. or --disable-multiline
Only if we don't have some way to force single-line output; I agree that "-y" and/or "without -v only one line is produced per packet" would be better. - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- Multiline output George Bakos (Dec 16)
- Re: Multiline output Guy Harris (Dec 16)
- Re: Multiline output Hannes Gredler (Dec 17)
- Re: Multiline output George Bakos (Dec 17)
- Re: Multiline output Hannes Gredler (Dec 17)
- Re: Multiline output Hannes Gredler (Dec 17)
- Re: Multiline output Guy Harris (Dec 16)