nntp - extracts information exchanged in NNTP sessions
A stream containing a field of packet type.
A record each time an NNTP command and a corresponding response have been paired.
The tool locates NNTP handshakes and starts extracting from the TCP session. Each time a command has been paired with a response, it will output a record of the event.
Controls the port on which NNTP traffic is detected. The most common value (and the default) is 119, but in some scenarios, NNTP traffic can be found on other non-standard ports.
Controls which parts of NNTP messages are logged. Setting it to Ignore ensures that no part of sent messages is extracted. Header specifies that the header of messages is to be extracted, and Full message specifies that the full messages including the header will be extracted.
Limits the size of the extracted messages. The limit is in kilobytes.