analyze

package
v1.7.0

This package is not in the latest version of its module.
Published: Mar 29, 2024 License: BSD-3-Clause Imports: 13 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var Analyze = &charm.Spec{
	Name:  "analyze",
	Usage: "analyze [options] pcap",
	Short: "analyze a pcap and emit a stream of ZNG values",
	Long: `
The analyze command runs a pcap file or stream through multiple analyzer 
processes (for now this is Zeek and Suricata) and emits the generated logs from
these processes. Brimcap is built on top of the Zed system
(https://github.com/brimdata/zed), so the logs can be written into a variety of
structured log formats.

For those familiar with zq (https://github.com/brimdata/zed/cmd/zq), logs can be
written as ZNG or ZSON and then searched efficiently with zq.
Logs can also be written as NDJSON and then operated on using jq
(https://stedolan.github.io/jq/).

To analyze a pcap file and write the data as ZSON values to stdout, simply run:

brimcap analyze -z sample.pcap
`,
	New: New,
}

Functions

func New

func New(parent charm.Command, f *flag.FlagSet) (charm.Command, error)

Types

type Command

type Command struct {
	*root.Command
	analyzecli.Display
	// contains filtered or unexported fields
}

func (*Command) Run added in v0.0.3

func (c *Command) Run(args []string) (err error)
