Andy Wick

initializing color hard to view

5

As a Red-Green Color Blind (http://en.wikipedia.org/wiki/Color_blindness) person the initializing and started colors look the same. Would it be possible to change initializing to a different color, maybe just "yellow".

Add optional signoff functionality for viewer/cont3xt * I'm thinking UI could be FA poweroff icon maybe, shown far right in navbar to the right of everything * would only show...

Arkime Agent POC

Track some of the missing tests Scripts: - [ ] esProxy.js - [x] addUser.js - [ ] decryptPcap.js APIs: - [ ] pcap encryption - [x] sessions.pcap from multi -...

So we can stop using old crypto stuff viewer should auto upgrade (either on use or everyone?) old passStore.

HTTP2 has the ability to have multiple streams in parallel so our current design of decoding a session in viewer won't work. We assume 1 stream with REQUEST then REPLY....

Create a new WISE source that can make api calls for each item instead of expecting to download the whole data set. This would work kind of like the elasticsearch/splunk...

smb backslash issue

4

Clicking on a smb with \ in it causes the expression to match, but not treated as a backslash during the search. example: click on \spoolss causes expression smb.fn=="\spoolss" which...

Replace pcre with re2 in capture to prevent bad REs

Replace http_parser with llhttp

1

https://github.com/nodejs/llhttp