ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
When i do this "tcpdump | awk '{ print $1 }'" or "tcpdump -l | awk '{print $1 }', the output stutters, I have to wait a long time and suddenly a lot of outputs pop up, while the normal tcpdump gives me fluent output.
The waiting time is sometimes enormously long, minutes long, and suddenly outputting 1000+ lines.
Is this a problem with tcpdump or with awk?
I hope you can help me, THanks in advance.
PS: My real script is longer, these are just examples.
If you want to do it your way, I think you'd have to decide exactly which char value you want awk to treat as 'end-of-line' and see if you can tell awk to do that.
I hardly use awk, so you need to some research and/or hope one of the awk guys here chips in.
Personally, I do use Perl, so I'd go that route myself.
YMMV
sorry I can't be more helpful.
BTW, do you need to do this in realtime, or could you use the save-to-file option tcpdump has?
When i do this "tcpdump | awk '{ print $1 }'" or "tcpdump -l | awk '{print $1 }', the output stutters, I have to wait a long time and suddenly a lot of outputs pop up, while the normal tcpdump gives me fluent output.
The waiting time is sometimes enormously long, minutes long, and suddenly outputting 1000+ lines.
Is this a problem with tcpdump or with awk?
I hope you can help me, THanks in advance.
PS: My real script is longer, these are just examples.
what exactly do you want to capture? tcpdump output's column 1 is the date, at least on my system. Do you just want to get the date? if you are looking at tcpdump output, i don't think you just want to get the date, right? you might be better off using tcpdump's extensive filtering options to get what you want.
I was looking for the source and the destination's MAC address and their IP address. Also I needed the sequence number. I filtered out all packets with the ACK packet enabled.
But It doesn't matter I programmed it yesterday in Perl.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
