我有几个要在其上应用相同命令的pcap文件(这些是网络流量工具Argus命令)
将所有新的.csv文件放入新目录
for file in *.pcap
do
argus -r *.pcap -w packet.argus
#Run argus to get the flow volumn (totalbytes) and the flow duration (seconds)
ra -r packet.argus -s bytes dur > flow_vol_dur.csv
#Run argus to get the source and destination ports, merge both columns together and count how many occurances
racluster -r packet.argus -n -s sport dport > ports.csv
ra -r packet.argus -s stime ltime sport dport - dst port 53 > DNS.csv
ra -r packet.argus -s stime ltime sport dport - dst port 123 > NTP.csv
dir=$(echo ${file} | awk -F. '{print $1}' OFS=.)
mkdir $dir
#Move all newly created .csv files to the new directory
mv $file*.csv $dir
done
我认为命名新目录是不正确的,因为我只想要pcap文件名称的一部分
我敢肯定,有一种更好的方法来运行命令,尤其是这个命令
ra -r packet.argus -s stime ltime sport dport - dst port 53 > DNS.csv
ra -r packet.argus -s stime ltime sport dport - dst port 123 > NTP.csv
当命令中只有一点更改时,我想知道是否有一种更简单的格式来运行这些命令
bash中是否有一种方法可以将来自不同csv文件的列合并为单个csv文件
e.g
file1.csv
A,B
file2.csv
C,D
Desired output.csv
A,B,C,D
我尝试了加入但没有用,是否还有其他bash命令可以使用?
答案 0 :(得分:0)
似乎大多数命令不需要每个文件运行一次,因此,如果更改顺序可以节省一些运行时间:
#!/usr/bin/env bash
argus -r *.pcap -w packet.argus
# Run argus to get the flow volumn (totalbytes) and the flow duration (seconds)
ra -r packet.argus -s bytes dur > flow_vol_dur.csv
# Run argus to get the source and destination ports, merge both columns together and count how many occurances
racluster -r packet.argus -n -s sport dport > ports.csv
ra -r packet.argus -s stime ltime sport dport - dst port 53 > DNS.csv
ra -r packet.argus -s stime ltime sport dport - dst port 123 > NTP.csv
for file in *.pcap
do
dir=$(echo $file| awk -F_ '{print $1}')
mkdir $dir
# Move all newly created .csv files to the new directory
mv $file*.csv $dir
done