djlat.blogg.se

Remote packet capture tool

PacketStreamer sensors collect raw network packets on remote hosts. A sensor selects packets to capture using a BPF filter and forwards them to a central receiver process, where they are written in pcap format. Sensors are very lightweight and impose little performance impact on remote hosts. PacketStreamer sensors can be run on bare-metal servers, on Docker hosts, and on Kubernetes nodes.

The PacketStreamer receiver accepts PacketStreamer streams from multiple remote sensors and collects the packets into a single, central pcap capture file, local to the receiver. You can then process the pcap file or live feed the traffic to the tooling of your choice, such as Zeek, Wireshark, Suricata, or as a live stream for Machine Learning models. PacketStreamer meets more general use cases than existing alternatives.


Deepfence PacketStreamer is a high-performance remote packet capture and collection tool. It is used by Deepfence’s ThreatStryker security observability platform to gather network traffic on demand from cloud workloads for forensic analysis. PacketStreamer sensors are started on the target servers. Sensors capture traffic, apply filters, and then stream the traffic to a central receiver. Traffic streams may be compressed and/or encrypted using TLS. Stay light: capture and stream, with no additional processing. Portability: works across virtual machines, Kubernetes and AWS Fargate.
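To make the receiver side concrete, here is an added example (not PacketStreamer's own code) that collects packets from two sensors into one classic pcap byte stream and parses it back. The sample frames, the function names and the choice to order packets by timestamp are assumptions of this example; the sensor-to-receiver wire protocol is not modelled.

```python
import heapq
import io
import struct

PCAP_MAGIC = 0xA1B2C3D4   # classic pcap, microsecond timestamps
LINKTYPE_ETHERNET = 1

def pcap_global_header(snaplen):
    # magic, version 2.4, thiszone, sigfigs, snaplen, link type (24 bytes)
    return struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, snaplen, LINKTYPE_ETHERNET)

def pcap_record(ts_us, frame, snaplen):
    # Per-packet header: ts_sec, ts_usec, captured length, original length.
    sec, usec = divmod(ts_us, 1_000_000)
    captured = frame[:snaplen]
    return struct.pack("<IIII", sec, usec, len(captured), len(frame)) + captured

def merge_to_pcap(sensor_streams, out, snaplen=65535):
    """Write packets from several time-ordered sensor streams into one pcap."""
    out.write(pcap_global_header(snaplen))
    count = 0
    # Ordering by timestamp is this example's choice, not documented receiver behaviour.
    for ts_us, frame in heapq.merge(*sensor_streams, key=lambda p: p[0]):
        out.write(pcap_record(ts_us, frame, snaplen))
        count += 1
    return count

def read_pcap(data):
    """Parse a pcap byte string back into (ts_us, captured_bytes, orig_len)."""
    magic, _, _, _, _, snaplen, _ = struct.unpack_from("<IHHiIII", data, 0)
    if magic != PCAP_MAGIC:
        raise ValueError("not a little-endian microsecond pcap file")
    records, off = [], 24
    while off + 16 <= len(data):
        sec, usec, incl, orig = struct.unpack_from("<IIII", data, off)
        if incl > snaplen or off + 16 + incl > len(data):
            raise ValueError("truncated or corrupt record at offset %d" % off)
        records.append((sec * 1_000_000 + usec, data[off + 16:off + 16 + incl], orig))
        off += 16 + incl
    return records

# Constructed sample input: (timestamp in microseconds, raw frame bytes) per sensor.
T0 = 1_700_000_000_000_000
SENSOR_A = [(T0 + 100, b"\xaa" * 60), (T0 + 300, b"\xaa" * 60)]
SENSOR_B = [(T0 + 200, b"\xbb" * 1514)]

if __name__ == "__main__":
    buf = io.BytesIO()
    print(merge_to_pcap([SENSOR_A, SENSOR_B], buf, snaplen=96), "packets written")
    for ts_us, captured, orig_len in read_pcap(buf.getvalue()):
        print(ts_us, len(captured), orig_len)
```

With `snaplen=96` the 1514-byte frame from the second sensor is stored truncated, while its original length is kept in the record header so downstream tools can tell the capture was cut.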












