diff options
Diffstat (limited to 'src/formats/pcap_log.json')
| -rw-r--r-- | src/formats/pcap_log.json | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/src/formats/pcap_log.json b/src/formats/pcap_log.json new file mode 100644 index 0000000..a3192e1 --- /dev/null +++ b/src/formats/pcap_log.json @@ -0,0 +1,82 @@ +{ + "$schema": "https://lnav.org/schemas/format-v1.schema.json", + "pcap_log": { + "json": true, + "title": "Packet Capture", + "description": "Internal format for pcap files", + "mime-types": [ + "application/vnd.tcpdump.pcap" + ], + "multiline": false, + "convert-to-local-time": true, + "line-format": [ + { + "field": "time" + }, + " ", + { + "field": "source", + "min-width": 15, + "align": "right" + }, + " → ", + { + "field": "destination", + "min-width": 15, + "align": "left" + }, + " ", + { + "field": "protocol", + "min-width": 7, + "align": "left" + }, + " ", + { + "field": "length", + "min-width": 4, + "align": "right" + }, + " ", + { + "field": "info" + } + ], + "level": { + "warning": "^6291456$", + "error": "^8388608$" + }, + "timestamp-field": "time", + "level-pointer": "/_ws_expert__ws_expert_severity$", + "body-field": "info", + "hide-extra": true, + "value": { + "source": { + "kind": "string", + "foreign-key": true, + "collate": "ipaddress", + "identifier": true + }, + "destination": { + "kind": "string", + "foreign-key": true, + "collate": "ipaddress", + "identifier": true + }, + "protocol": { + "kind": "string", + "identifier": true + }, + "length": { + "kind": "integer" + }, + "info": { + "kind": "string" + }, + "layers": { + "kind": "json", + "hidden": true + } + } + } +}
\ No newline at end of file |