/fluentd-pcap-converter.rb
Secret
Created Feb 24, 2016
| require 'tmpdir' | |
| pcap_files = ARGV.map do |v| | |
| File.expand_path(v) | |
| end | |
| pwd = Dir.pwd | |
| pcap_files.each do |pcap_file| | |
| Dir.mktmpdir do |tmpdir| | |
| Dir.chdir(tmpdir) do | |
| File.write('fluentd.conf', <<-EOC) | |
| <source> | |
| @type forward | |
| </source> | |
| <match **> | |
| @type file | |
| path output | |
| buffer_type memory | |
| flush_interval 0s | |
| </match> | |
| EOC | |
| unless system("fluentd", "-c", "fluentd.conf", "-d", "fluentd.pid") | |
| raise | |
| end | |
| unless system("tcptrace", "-e", pcap_file) | |
| raise | |
| end | |
| unless system("cat *_contents.dat | nc localhost 24224") | |
| raise | |
| end | |
| pid = File.read("fluentd.pid").to_i | |
| Process.kill(:TERM, pid) | |
| sleep 1 # FIXME | |
| Dir["output.*.log"].each do |file| | |
| FileUtils.mv(file, File.join(pwd, "#{File.basename(pcap_file)}.#{file}")) | |
| end | |
| end | |
| end | |
| end | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment