elasticshark

Sift Packets with Elasticsearch

Build the image

docker build -t fullaxx/elasticshark .

Run the image

docker run -d --rm \
-h elasticshark \
--name elasticshark \
--cap-add SYS_TIME \
--memory 4G \
--cpuset-cpus=0-1 \
--ulimit nofile=65535:65535 \
--ulimit memlock=-1:-1 \
-p 9200:9200 \
-p 5601:5601 \
-e "KBN_PATH_CONF=/usr/share/kibana/config" \
-e "bootstrap.memory_lock=true" \
fullaxx/elasticshark

Compile the tshark EK converter

cd src
./compile.sh

Helpful commands

tshark -G elastic-mapping | less
sudo tshark -i eth0 -T ek | ./pretty.exe

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
autoconfig		autoconfig
src		src
.gitignore		.gitignore
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

elasticshark

Build the image

Run the image

Compile the tshark EK converter

Helpful commands

About

Releases

Packages

Languages

License

Fullaxx/elasticshark

Folders and files

Latest commit

History

Repository files navigation

elasticshark

Build the image

Run the image

Compile the tshark EK converter

Helpful commands

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages