SplunkForPCAP

Check out: https://splunkbase.splunk.com/app/2748/
------------------------------------------------
The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap | .pcapng).

The App includes Dashboards which will show you:

The Top Talker IP's, Protocols, VLANs, Conversations
Detailed overview about IP Conversations, Packet Loss, TCP Error's, Round Trip Time
Conversation Sankey Diagram (by Packets, by Bytes, by Destination Port)
Microburst Dashboard (Bit timechart)
DNS / NFS / HTTP / Keep Alive Communication Dashboards
Hop Calculator between two IP's

ROADMAP

Support for more protocols and more use cases
Dashboards will change to highlight the most important use cases for troubleshooting.

FAQ https://schwartzdaniel.com/pcap-analyzer-for-splunk-getting-started/

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
README		README
appserver/static		appserver/static
bin		bin
default		default
lookups		lookups
static		static
.gitignore		.gitignore
LICENSE.txt		LICENSE.txt
README.md		README.md
README.txt		README.txt
fieldnames.txt		fieldnames.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

SplunkForPCAP

About

Releases

Packages

Languages

License

Splunk-App-and-TA-development/SplunkForPCAP

Folders and files

Latest commit

History

Repository files navigation

SplunkForPCAP

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages