Re: Multiline output

[Guy Harris <guy () netapp com>]

On Mon, Dec 16, 2002 at 11:29:11AM -0500, George Bakos wrote:
> 1. Would there be interest in a commandline option "-y" fo syslog-style
> single-line output? Most of the newline characters could be replaced,
> conditionally, with commas, leaving a much cleaner output stream for
> machine parsing.

That might be useful.

However, we might also want a policy of "tcpdump, without any -v flags,
outputs only one line per packet, period", and require "-v" or "-vv" to
get multi-line output.

Of course, one headache here is that tcpdump is producing output
intended for humans to read, and it's often hard for scripts to parse
that output; an option to produce output intended for other pieces of
software to read might be useful.

> 2. Would there be broad enough interest in providing compile-time options such as:
>
>       --disable-bgp, --disable-isakmp, etc.
>       or
>       --disable-multiline

Only if we don't have some way to force single-line output; I agree that
"-y" and/or "without -v only one line is produced per packet" would be
better.
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe