Packet Café

Overview


Last updated 4 years ago


Background

Packet Café is a platform built for easy-to-use automated network traffic analysis. It is built to be modular and allow for a pipeline of tools that are triggered by different inputs and outputs. Currently the tools supplied are defined here.

This service accepts PCAP files and then processes them against the pipeline of tools, providing automated analysis that gets returned in JSON format. That output can then be consumed via the API directly and put into other systems such as SIEMs, searched and filtered through the included JSON viewer, or viewed through the included visualizations of the Packet Café frontend.

The hope and motivation behind the Packet Café platform is to lower the barrier to understanding what is actually in a network traffic capture file (PCAP) and to provide insight without having to be an expert in networking.

Ready to get started and take Packet Café for a spin already? Go here. Otherwise, we recommend reading through the design section to better understand the bigger picture.

Packet Café is open source and welcomes contributions to the project.

While the focus of the project is around network traffic and specifically processing PCAP files, the platform has been built such that the formats of what it can process are only dependent on the set of analytic processes (tools) and what inputs they can handle. The tools could be redefined to ones that handle different inputs while still leveraging the entire pipeline and feedback loop of results.