
Is there any tool that accepts a packet capture file as input and displays all the network traffic in a similar way to how a SIEM displays log information? I'm looking for a summary of the ports and IPs to get a good overview of a packet capture.

john doe
  • Unfortunately, questions of the type "is there a product/service that does X?" are off-topic as the answers might not end. And this is a networking question, not a security question (despite the comparison to a SIEM) – schroeder Apr 07 '21 at 23:23
  • Is there a good place on the internet to ask questions about specific tools like the one mentioned here? – john doe Apr 22 '21 at 03:36
  • https://softwarerecs.stackexchange.com/ – schroeder Apr 22 '21 at 06:44

1 Answer

There are some great platforms in this arena; the first I ever heard of was SecurityOnion. It's still great after all these years.

There are also other platforms such as Malcom and VAST that have different perspectives.

atdre
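
The kind of port and IP summary the question asks for, as an added example that is not part of the original posts or of the tools named above: Python standard library only, reading a classic pcap file with Ethernet framing and counting IPv4 TCP/UDP packets per flow key. The function names and the sample capture are constructed for illustration.

```python
import io
import socket
import struct
from collections import Counter

def summarize_pcap(stream):
    """Count packets and bytes per (src IP, dst IP, protocol, dst port)."""
    header = stream.read(24)
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(header[:4])
    if endian is None:
        raise ValueError("not a classic microsecond pcap (pcapng is not handled)")
    if struct.unpack(endian + "I", header[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    packets, octets = Counter(), Counter()
    while len(rec := stream.read(16)) == 16:
        _, _, incl_len, orig_len = struct.unpack(endian + "IIII", rec)
        frame = stream.read(incl_len)
        # Skip short frames and anything that is not IPv4 (EtherType 0x0800).
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue
        l4 = 14 + (frame[14] & 0x0F) * 4  # start of the TCP/UDP header
        proto = {6: "tcp", 17: "udp"}.get(frame[23])
        fragment_offset = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
        # Later fragments carry no port fields, so they are not counted.
        if proto is None or fragment_offset or len(frame) < l4 + 4:
            continue
        dport = struct.unpack("!H", frame[l4 + 2:l4 + 4])[0]
        key = (socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]), proto, dport)
        packets[key] += 1
        octets[key] += orig_len
    return packets, octets

def build_sample():
    """Constructed capture: 2 TCP/443 packets, 1 UDP/53, 1 ICMP (ignored)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, dst, proto, dport in [
        ("192.0.2.10", "198.51.100.5", 6, 443),
        ("192.0.2.10", "198.51.100.5", 6, 443),
        ("192.0.2.10", "198.51.100.53", 17, 53),
        ("192.0.2.10", "198.51.100.5", 1, 0),
    ]:
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        frame = bytes(12) + b"\x08\x00" + ip + struct.pack("!HH", 50000, dport) + bytes(16)
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    packets, octets = summarize_pcap(io.BytesIO(build_sample()))
    for key, count in packets.most_common():
        print(*key, count, "packets", octets[key], "bytes")
```

To run it on a real capture, pass `open(path, "rb")` instead of the constructed sample; reply traffic shows up under its own key because the destination port is then the client's ephemeral port.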