Hello,
I would like to convert the timestamp of the
output trace to human-readable format. Bro's manual describes a cf tool
that can do this job. However, I could not find this utility. May I know
where can I find this utility and how to use it? Thank you.
Regards,
Silvia
I would like to convert the timestamp of the
output trace to human-readable format. Bro's manual describes a cf tool
that can do this job. However, I could not find this utility. May I know
where can I find this utility and how to use it? Thank you.
ftp://ftp.ee.lbl.gov/cf.tar.gz
There's no man page, but it'll tell you:
% /usr/local/bin/cf -h
cf version 1.1
usage: cf [-f fmt] [-lsu] [file ...]
I just happen to know that "-f fmt" is a timestamp format, eg:
% echo 987987987 | /usr/local/bin/cf
Apr 22 18:06:27
% echo 987987987 | /usr/local/bin/cf -f '%c'
Sun Apr 22 18:06:27 2001
% echo 987987987 | /usr/local/bin/cf -f '%Y-%m-%d %H:%M:%S'
2001-04-22 18:06:27
etc...