Derrick is a simple tool for recording data streams of TCP and UDP traffic.
It shares similarities with other network recorders,
such as tcpflow and wireshark,
though it is more advanced than the first and clearly inferior to the latter.
It has been specifically designed to monitor application-layer communication.
In contrast to other tools, the application data is logged in a line-based ASCII format.
Common Unix tools,
such as grep,
sed,
and awk,
can be directly applied.
Even replay of recorded communication is straightforward using netcat.
Derrick supports on-the-fly compression and rotation of log files.
