hrbrmstr/zeekr
Tools to Make Analyses Using Zeek Easier

Package index
Search the hrbrmstr/zeekr package
Vignettes
Functions
16
Source code
9
Man pages
8
Home
/
GitHub
/
hrbrmstr/zeekr
/
R/read-zeek-logs.R

R/read-zeek-logs.R
In hrbrmstr/zeekr: Tools to Make Analyses Using Zeek Easier

Defines functions read_zeek_logs

Documented in read_zeek_logs 

#' Read zeek logs from a processed PCAP into a list
#'
#' @note Logs must be in Parquet or JSON format.
#' @param log_dir directory of zeek logs
#' @export
#' @examples
#' loc <- tryCatch(
#'   pcap_to_zeek(system.file("pcap/ssh.pcap", package = "zeekr")),
#'   error = function(e) message("No Zeek")
#' )
#'
#' if (!is.null(loc)) {
#'   read_zeek_logs(loc)
#'   unlink(loc) # don't do this IRL until you're done working with or saving.
#' }
read_zeek_logs <- function(log_dir) {

  log_dir <- path.expand(log_dir[1])

  stopifnot("Cannot find directory." = dir.exists(log_dir))

  in_fils <- list.files(log_dir, full.names = TRUE)

  fil_names <- make.unique(tools::file_path_sans_ext(basename(in_fils)))

  lapply(in_fils, function(.x) {

    if (tools::file_ext(.x) == "parquet") {
      arrow::read_parquet(.x)
    } else {
      ndjson::stream_in(.x, cls = "tbl")
    }

  }) -> out

  set_names(out, fil_names)

}
hrbrmstr/zeekr documentation built on Dec. 20, 2021, 4:49 p.m.

R Package Documentation

rdrr.io home R language documentation Run R code online

Browse R Packages

CRAN packages Bioconductor packages R-Forge packages GitHub packages

We want your feedback!

Note that we can't provide technical support on individual packages. You should contact the package authors for that.
GitHub issue tracker
ian@mutexlabs.com
Personal blog

 
Embedding an R snippet on your website

Add the following code to your website.

For more information on customizing the embed code, read Embedding Snippets.

Close