SIEM-like tool for pcaps



  • Is there any tool that accepts a packet capture file as input and displays all the network traffic in a similar way to how a SIEM displays log information? I'm looking for a summary of the ports and IPs to get a good overview of a packet capture.



  • There are some great platforms in this arena; the first I ever heard of was SecurityOnion. It's still great after all these years.

    There are also other platforms such as Malcom and VAST that have different perspectives.

