![]() ![]() ![]() For example, if log_pcap is configured with the default settings and were to open an output file now (Thu Mar 18 21:44:), then the output file would be named 21-44-12. The timestamp indicates when the output file was created using the local time zone. ![]() So, what happens if the output file already exists? To avoid overwriting any existing output file, Barnyard adds a timestamp extension to the filename. This is because a pcap file must include specific header information. The log_pcap output plug-in, however, will always create a new output file. So far, all of the output plug-ins that write to a file will append to the current file if it already exists. The output file for log_pcap differs a bit from the other file-based output plug-ins we have discussed. If the filename option is not specified, then “barnyard.pcap” will be used. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |