NAME
rwsilk2ipfix - Convert SiLK Flow records to IPFIX records
SYNOPSIS
rwsilk2ipfix [--ipfix-output=FILE] [--print-statistics] [FILES...]
DESCRIPTION
rwsilk2ipfix reads SiLK Flow records from the input file names specified on the command line or from the standard input when no file names are specified, converts the records to an IPFIX (Internet Protocol Flow Information eXport) format, and writes the IPFIX records to the path specified by --ipfix-output or to the standard output when stdout is not the terminal and --ipfix-output is not provided.
If the input file names end in .gz, they will be uncompressed as
they are read. When stdin is provided as an input file name,
rwsilk2ipfix will read records from the standard input.
OPTIONS
Option names may be abbreviated if the abbreviation is unique or is an exact match for an option. A parameter to an option may be specified as --arg=param or --arg param, though the first form is required for options that take optional parameters.
- --ipfix-output=FILE
-
Write the IPFIX records to FILE, which must not exist. If the
switch is not provided or if FILE has the value
stdout, the IPFIX flows are written to the standard output. - --print-statistics
- Print, to the standard error, the number of records that were written to the IPFIX output file.
EXAMPLES
To convert the SiLK file silk.rwf into IPFIX format:
rwsilk2ipfix --ipfix-output=ipfix.dat silk.rwf
To view the contents of ipfix.dat using the yafscii tool (see http://tools.netsa.cert.org/yaf/):
yafscii --in=ipfix.dat --out=-
To convert the file back into SiLK Flow format:
rwipfix2silk --silk-output=silk2.rwf ipfix.dat
SEE ALSO
rwipfix2silk(1), yafscii(1)