Posted by:jfisch
Subject:Understanding the CSV and GPS file formats
Date:03:35:11 06/02/2007

Hello. I'm trying to write tools to take the data I've collected to do some
analysis and I'm attempting to understand the format of the .csv and the
.gps files generated by Kismet. I've searched on the forum and found some explanations but not everything I wanted to find out.

In the .csv file there are:


Definitions and possible values for .csv
Network: Network Number 1...n
NetType: Infrastructure or Probe
ESSID: Extended Service Set ID, identifying name of wireless network
BSSID: Beacon Basic Service Set ID, identifying name of ad-hoc wireless network
Info: ???
Channel: Channel number in which network was found
Cloaked: Cloaked Network Indicator: yes or no, a cloaked network is an access point that does not transmit the SSID in each beacon frame
Encryption: blank, WEP or WPA
Decrypted: yes or no
MaxRate: Max speed of network, 11 or 54 megabit per sec
MaxSeenRate: Maximum of above that has been seen
Beacon: ???
LLC: ???
Data: ???
Crypt: ???
Weak: ???
Total: ???
Carrier: Communications carrier
Encoding: ???
FirstTime: Initial time network detected, a time
LastTime: Last time network detected, a time
BestQuality: Best quality of service, a number
BestSignal: Best signal strength, a number
BestNoise: Best noise level, a number
GPSMinLat: GPS minimum latitude, real number
GPSMinLon: GPS minimum longitude, real number
GPSMinAlt: GPS minimum altitude, real number
GPSMinSpd: GPS minimum speed, real number
GPSMaxLat: same as above but maximum
GPSMaxLon: ||
GPSMaxAlt: \/
GPSMaxSpd: ---
GPSBestLat: GPS latitude with best signal
GPSBestLon: GPS longitude with best signal
GPSBestAlt: GPS altitude with best signal
DataSize: ???
IPType: Internet protocol type ??? ARP or None
IP: Internet Protocol Address #.#.#.#

I would sure appreciate if anyone knows about fields above with ??? or links
to information concerning above. Also clarification on minimum/maximum on
GPS would be helpful.

Definitions and possible values for .gps format:
<gps-point bssid="GP:SD:TR:AC:KL:OG" time-sec="1170361065" time-usec="800123" lat="45.491749" lon="-122.801720" alt="142.889999" spd="0.000000" heading="297.854126" fix="3" signal="-82" quality="0" noise="0"/>
bssid: same as for csv
time-sec: time stamp in seconds, double number
time-usec: time stamp in microseconds, double number
lat: latitude reading from GPS, real number
lon: longitude reading from GPS, real number
spd: speed of GPS, real number
heading: direction, real number
fix: 2 or 3 (2D or 3D (differential WAAS)), number
signal: signal strength, number
quality: quality of service, number
noise: noise level, number

A few more questions, my garmin was recording speed but it didn't make it into the log file so perhaps I needed to configure something on it to transmit this information? Is there a way to sync the bssids from the .csv and .gps file by timestamp information?

Thanks for any information/links to information anyone can give. I'm still learning :-)


P.S. I stumbled on the warglue tools but I have yet to experiment with them. If anyone knows of other useful tools that would be great.

