Formatted text. Grammar. Spelling. Added tag.
Paulo Tomé

I want to log some specific HTTP requests that have a keyword, that are coming to a specific port. tcpflow works fine, but I can't write filtered results to an output file.

I don't understand why this command works flawlessly ('detect' is a keyword I am looking for) and shows only lines that I need.

tcpflow -p -c -i eth0 port 80 | grep detect

Meanwhile, at the same time, this doesn't work at all. The log.txt file is empty...

tcpflow -p -c -i eth0 port 80 | grep detect > log.txt

I suppose it has something to do with binary output?

Because this way it works, but it results in a huge file (I don't need so much data)

tcpflow -p -c -i eth0 port 80 > log.txt
grep --text detect log.txt

And it only works with the --text attribute (without it, it says something about binary file format), and after several days the file can become really large...


HTTP logs using tcpflow with grep, redirecting to a file don't work (empty file)

I want to log some specific HTTP requests that have a keyword, that are coming to a specific port. tcpflow works fine, but I can't write filtered results to an output file.

I don't understand why this command works flawlessly ('detect' is a keyword I am looking for) and shows only lines that I need.

tcpflow -p -c -i eth0 port 80 | grep detect 

Meanwhile, at the same time, this doesn't work at all. The log.txt file is empty...

tcpflow -p -c -i eth0 port 80 | grep detect  > log.txt 

I suppose it has something to do with binary output?

Because this way it works, but it results in a really big file (I don't need so much data)

tcpflow -p -c -i eth0 port 80 > log.txt
grep --text detect log.txt

And it only works with the --text attribute (without it, it says something about binary file format), and after several days the file can become really large...