Posted by:summersab
Subject:Parsing out just clients, unassociated clients, and adding a timestamp
Date:05:22:18 22/03/2017

I've definitely been having a good amount of fun learning how to interact with Kismet (though it started with a decent amount of tears and gnashing of teeth - I'm past that, now . . . ) It's quite powerful tool once you figure it out, that's for sure.

So, I'm trying to do a bit of presence detection that parses out just the clients and and the unassociated clients (both of them separately) along with a timestamp for each. So far, I've only really interacted with Kismet via netcat, and I'm not sure if I can do this type of parsing and formatting on the fly (though that would be ideal).

Basically, I'd like the output to look something like this if the client is connected to an AP:

<timestamp> <client_MAC> <AP_MAC>

If it is not connected to an AP, then this:
<timestamp> <client_MAC> (maybe put something here to indicate no AP)

I'm having trouble figuring out how to do this without first dumping the netcat stream to a file and then doing some grep and sed. Any tips?

