Is there any tool that accepts a packet capture file as input and displays all the network traffic in a similar way to how a SIEM displays log information? I’m looking for a summary of the ports and IPs to get a good overview of a packet capture.
There are some great platforms in this arena; the first I ever heard of was Security Onion. It’s still great after all these years.
There are also other platforms such as Malcom and VAST that have different perspectives.
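For a quick look without deploying a full platform, the ports-and-IPs overview the question asks for can be computed straight from the capture file. The following is an added example, not part of the original question or answer; it handles only classic pcap files with Ethernet/IPv4 frames, and the function names and sample packets are constructed for illustration.

```python
import struct
from collections import Counter
from ipaddress import IPv4Address
def summarize_pcap(data: bytes) -> Counter:
    """Bytes on the wire per (src, dst, ip_proto, dst_port) in a classic pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    flows, offset = Counter(), 24
    while offset + 16 <= len(data):
        # Record header: ts_sec, ts_usec, captured length, original length
        incl_len, orig_len = struct.unpack(endian + "II", data[offset + 8:offset + 16])
        frame = data[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:
            break  # file truncated mid-record
        offset += 16 + incl_len
        # 14-byte Ethernet II header; EtherType 0x0800 = IPv4 (others skipped)
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue
        ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
        src, dst = IPv4Address(frame[26:30]), IPv4Address(frame[30:34])
        l4 = frame[14 + ihl:]
        # TCP (6) and UDP (17) both carry src/dst port in their first 4 bytes
        dport = struct.unpack("!HH", l4[:4])[1] if proto in (6, 17) and len(l4) >= 4 else None
        flows[(str(src), str(dst), proto, dport)] += orig_len
    return flows

def _frame(src, dst, proto, sport, dport, payload_len):
    # Constructed test frame: zeroed MACs and checksums, L4 reduced to the port fields
    l4 = struct.pack("!HH", sport, dport) + b"\x00" * payload_len
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     IPv4Address(src).packed, IPv4Address(dst).packed)
    return b"\x00" * 12 + b"\x08\x00" + ip + l4

def build_sample_pcap() -> bytes:
    """Constructed little-endian capture using documentation address ranges."""
    frames = [_frame("192.0.2.10", "198.51.100.7", 6, 50000, 443, 100),
              _frame("192.0.2.10", "198.51.100.7", 6, 50000, 443, 100),
              _frame("192.0.2.10", "192.0.2.53", 17, 40000, 53, 30)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for (src, dst, proto, dport), nbytes in summarize_pcap(build_sample_pcap()).most_common():
        print(f"{src:>15} -> {dst:<15} proto={proto:<3} dport={dport} bytes={nbytes}")
```

Because flows are keyed on destination port, reply traffic shows up as a separate row with the client's ephemeral port.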