Kismet log manipulation with GISKismet
Tues 2nd April 10
While as ShmooCon I was talking to RenderMan and he was telling me about wanting to have a way to compare a set of Kismet logs from a few years ago with a set he created recently. The older set was captured through the original Kismet while the latest set was Kismet-Newcore. I was thinking of different ways to do it and was going to write a little app to parse the two different XML styles into a consistent format but then realised there is already an app that does all this.
GISKismet is designed to take either style of Kismet log, add it to a database and then let the database be queried to extract KML files which can be read by GoogleEarth to show pretty pictures of war drives. Taking the first part of this, the database import feature, I assumed it would be a simple job of importing both sets of logs into their own SQLite database and then extracting them in CSV or some other format which could then be compared. We tried doing the import and nothing happened with either log file, no data was imported. After a quick bit of debugging I realised that it was because GISKismet is only interested in records that contain GPS data, a reasonable check considering the app is designed to create maps of the data. A quick bit of commenting out checks and defaulting values and a re-run now on both logs imported all the data.
Rather than release that nasty hack I've now done a better version which adds a new command line parameter to GISKismet, --ignore-gps, which tells it to import regardless of whether it finds GPS data for an entry or not. I've submitted a patch to Josh and hopefully it will be included in an upcoming release, until then you can grab my patched version from here - GISKismet Ignore GPS release. Just install GISKismet as usual then add this script to the directory and run it in place of the original.
So, if you have sets of Kismet logs that you want to be able to manipulate all you need to do is to pass them through GISKismet and then get to work on the SQLite database with your SQL foo to create any report you can dream of.