meer icon indicating copy to clipboard operation
meer copied to clipboard
verified publisher icon beave

PCAP output support

Open beave opened this issue 6 years ago • 0 comments

Create a PCAP based off the data that is stored in an EVE alerts.

Possibly create the packet with libdnet/libpcap then write out to file? Obviously would just be a representation of the EVE data in a PCAP form. Wouldn't be a "live" PCAP capture.

beave avatar Nov 01 '19 12:11 beave