manpagez: man pages & more
man fstrm_capture(1)
Home | html | info | man
fstrm_capture(1)                                              fstrm_capture(1)




NAME

       fstrm_capture - Receive and save Frame Streams data from a socket.



SYNOPSIS

       fstrm_capture -t content-type -w filename
            [ -u socket-path ] [ -a IP -p port ]
            [ -c max-connections ] [ -b buffer-size ]
            [ -s seconds ] [ --gmtime ] [ --localtime ]
            [ -d [-d ...] ]



       fstrm_capture --type content-type --write filename
            [ --unix socket-path ] [ --tcp IP --port port ]
            [ --maxconns max-connections ] [ --buffersize buffer-size ]
            [ --split seconds ] [ --gmtime ] [ --localtime ]
            [ --debug [--debug ...] ]




DESCRIPTION

       fstrm_capture  listens  on  a UNIX domain or TCP socket, receives Frame
       Streams data, and writes the data to a file.



OPTIONS

       -w filename | --write filename
              Write data to the file filename.

              If the --gmtime or --localtime option is given, filename is pre-
              processed  with strftime().  This will allow specifying a format
              string which includes the date and time, for  example,  for  the
              created filename.

              If  filename  is  "-"  and standard output is not connected to a
              terminal, fstrm_capture will write to  standard  output.  Output
              splitting (-s) may not be used with a filename of "-".


       -t content-type | --type content-type
              Specify the content-type to receive from the socket and write to
              the output filename.


       -u socket-path | --unix socket-path
              Listen on the Unix domain socket socket-path  to  receive  Frame
              Streams data. Only one of -u or -a may be given.


       -a IP | --tcp IP
              Listen  for  TCP  connections  on  address  IP  to receive Frame
              Streams data. Only one of -u or -a  may  be  given.  Use  of  -a
              requires a port given with -p.


       -p port | --port port
              If -a is given, listen on TCP port port to receive Frame Streams
              data.


       -c max-conns | --maxconns max-conns
              Allow at most max-conns concurrent connections.  If  not  speci-
              fied, concurrent connections are not limited.


       -b buffersize | --buffersize buffersize
              Set read buffer size to buffersize bytes. Combined with -c, this
              can be used to limit the total memory  usage  of  fstrm_capture.
              The  buffersize  also  affects  the  maximum  frame  size  which
              fstrm_capture  will  accept.  Frames  larger  than   buffersize,
              including the 4-byte framing overhead, will be discarded.

              The default buffersize is 262144 (256KiB).


       -s interval | --split interval
              Reopen  output  file every interval seconds. Requires the use of
              either the --gmtime or --localtime options.

              Note that this file rotation is triggered by incoming  data,  so
              it may be delayed after the interval.


       --gmtime
              Process the --write filename through strftime() with the current
              time in GMT.  The --gmtime option may be used  with  --split  to
              provide  file  rotation,  or  by itself to provide a timestamped
              output file for each start or restart of fstrm_capture.


       --localtime
              Process the --write filename through strftime() with the current
              time  in the system local time zone.  The --localtime option may
              be used with --split to provide file rotation, or by  itself  to
              provide  a  timestamped output file for each start or restart of
              fstrm_capture.


       -d [ -d ... ] | --debug [ --debug ]
              Increase debugging level. Without -d, fstrm_capture prints  only
              critical error messages. Up to five -d options may be specified,
              after which more repetitions will have no effect.



EXAMPLES

       Receive dnstap data and save to hourly rotating files (with a converted
       filename such as /var/log/dnstap/dnstap-2018-05-04-12:58:48.fstrm).

            fstrm_capture -t protobuf:dnstap.Dnstap \
                 -u /var/run/named/dnstap.sock \
                 -w /var/log/dnstap/dnstap-%F-%T.fstrm \
                 -s 3600 --gmtime



SEE ALSO

       fstrm_dump(1), fstrm_replay(1), strftime(3),
       Frame Streams C Library https://farsightsec.github.io/fstrm



                                                              fstrm_capture(1)

fstrm 0.4.0 - Generated Fri Jan 25 20:25:26 CST 2019
© manpagez.com 2000-2021
Individual documents may contain additional copyright information.