pcap_elasticsearch-225x225

Packet Capture with Pyshark and Elasticsearch

Network packet capture and analysis are commonly done with tools like tcpdump, snort, and Wireshark. These tools provide the capability to capture packets live from networks and store the captures in PCAP files for later analysis. A much better way to store packets is to index them in Elasticsearch where you can easily search for packets based on…

elasticsearch-python-225x225

Elasticsearch Client Programming (2/2) – Python

The first article in this two part series focused on developing Elasticsearch clients with Perl. Elasticsearch also has an excellent Python library which lets you search for and analyze your data with one of the many mathematics and machine learning libraries available for Python. In this article I’ll cover how to create an Elasticsearch client…