brimcap
brimcap copied to clipboard
brimdata
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
A community user inquired: > How do I use bpf filter for a lot of ips in the brim? > I have a whitelist ip and want to filter those...
Since WireShark 3.0 it is possible to [embed TLS secrets in a pcapng](https://wiki.wireshark.org/TLS) file. Following the WireShark documentation I created a pcapng file with the tls keys embeded in it....
At the moment Brimcap only allows for populating and querying a local "Brimcap root". This means that if a Brim app is connected to a remote lake and accesses a...
This issue was originally created before Brimcap existed and the specific draft proposal below for implementation is probably no longer relevant. However, since the Brim+Brimcap workflow still includes "dragging a...
Issues like the one fixed in brimdata/zed#462 remind us that we're likely to encounter pcap oddities in the wild. Even if we can't anticipate every corner case and have perfectly-crafted...
Repro is with Brimcap commit `1fa5fc4` and [https://archive.wrccdc.org/pcaps/2018/wrccdc.2018-03-23.010014000000000.pcap.gz](https://archive.wrccdc.org/pcaps/2018/wrccdc.2018-03-23.010014000000000.pcap.gz) (uncompressed) as my test data. In my verifications steps [#16 (comment)](https://github.com/brimdata/brimcap/issues/16#issuecomment-822854136), I first used this unsuccessful approach to try to work around...
Before opening a new issue, please make sure you've reviewed the troubleshooting guide: https://github.com/brimdata/brimcap/wiki/Troubleshooting **Describe the bug** Failed to upload pcap with wireless data 802.11n https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=Http.cap **To Reproduce** Try to...
