arkime
Arkime is an open source, large scale, full packet capturing, indexing, and database system.
- [x] do a backup - [x] tests.pl uses resources stored in aws - move to github - #2695 - [x] U18 screwdriver saves to s3 - shutdown July 1...
The administration and use of roles can be awkward. There are 2 different pages to interact with roles, the Users page and the Roles page. - The Users page is...
Not sure if all of these are possible or not: * When the file index record was created * The last packet timestamp * When the last packet was processed
Please separate queries and responses for DNS into their own fields. This is useful when looking for beacons via DNS without having to sift through the CNAME responses. ``` Is...
Currently wise design choices favor the ability to cache results which has led to some big limitations, especially around IPs. For example with the current design it is not possible...
Currently arkime doesn't support smtp that has been decrypted in place, so it still has the STARTTLS but nothing is actually encrypted. Will need to change the smtp parser to...
Improve upon the current keyboard shortcuts in Cont3xt. This relies on completion of #2125. - Each section could be assigned a number. - Within each section the user should be...
Add a user configurable check box / drop down [along the lines of the Arkime 'bounding' field] to let the user have several session based options for default start dates...
- [ ] DomainTools - [ ] InQuest Labs API - https://labs.inquest.net/docs/#inquest-labs-api - [ ] CRT.sh - [ ] Google Safe Browsing (Lookup v4 API) [https://developers.google.com/safe-browsing/v4/lookup-api] - [ ] AWS...