[
https://issues.apache.org/jira/browse/METRON-1638?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16549727#comment-16549727
]
ASF GitHub Bot commented on METRON-1638:
----------------------------------------
Github user cestella commented on a diff in the pull request:
https://github.com/apache/metron/pull/1120#discussion_r203843748
--- Diff: metron-deployment/packaging/docker/rpm-docker/SPECS/metron.spec
---
@@ -419,6 +419,7 @@ This package installs the Metron Rest %{metron_home}
%dir %{metron_home}/lib
%{metron_home}/config/rest_application.yml
%{metron_home}/bin/metron-rest.sh
+%{metron_home}/bin/pcap_to_pdml.sh
--- End diff --
Is there anything to be done for the ubuntu debs?
> Retrieve Pcap results in pdml format
> ------------------------------------
>
> Key: METRON-1638
> URL: https://issues.apache.org/jira/browse/METRON-1638
> Project: Metron
> Issue Type: Sub-task
> Reporter: Ryan Merriman
> Priority: Major
>
> There should be a REST endpoint that allows a user to retrieve pcap page
> results in pdml format. Assuming tshark is installed, there should be a "GET
> /api/v1/pcap/pdml/<jobId>/<pageNumber>" endpoint that will return pcap
> results for the given page in pdml format
> ([https://wiki.wireshark.org/PDML]), converted to json for easier consumption
> by a UI. This endpoint will call out to the tskark utility for the raw to
> pdml conversion.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
