The session keyword is built to extract user data from TCP Sessions. There are many cases where seeing what users are typing in telnet, rlogin, ftp, or even web sessions is very useful.
There are three available argument keywords for the session rule option: printable, binary, or all.
The printable keyword only prints out data that the user would normally see or be able to type. The binary keyword prints out data in a binary format. The all keyword substitutes non-printable characters with their hexadecimal equivalents.