[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tcpdump-workers
Subject:    [tcpdump-workers] tcpdump filtering query
From:       "Andrew Gebhardt" <ajgebha () omnisig ! com>
Date:       2002-10-15 17:00:43
[Download RAW message or body]

Hello,

I am sorry you bother members of this mailing list but I have a question
regarding the best way to certain filter fields out of standard tcpdump
output (ascii format).

Currently, I use the awk command to remove certain fields from the tcpdump
output file.  For example:

cat tcpdumpfile | awk -F. '{print
$1"."$2"."$3"."$4"."$5,$6"."$7"."$8"."$9,$10}' | awk -F" " '{print
$1,$2,$3,$5,$6,$7}' | awk -F: '{print $1$2}' > output

Is there a way to filter fields using an expression with the tcpdump
command?  Or is there a more efficient method of filtering fields out of the
tcpdump output than using awk?

Any comments would be greatly appreciated,

Andrew Gebhardt



ajgebha@omnisig.com
ajgebha@hotmail.com
65 Lakefront Drive
Hammonds Plains, Nova Scotia
B4B 1L4
(902) 832-5421

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request@tcpdump.org?body=unsubscribe
[prev in list] [next in list] [prev in thread] [next in thread]