[
https://issues.apache.org/jira/browse/MINIFICPP-250?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16196367#comment-16196367
]
marco polo commented on MINIFICPP-250:
--------------------------------------
With PcapPlusPlus I have a working packet capture that simply creates bundles
of a configured size. Note that I will probably add an option to limit to a
certain device ( or set of devices ). Right now it will use packets captured
on any device.
I've verified that the generated pcap can be opened by wireshark. Since the
branch is based off of MINIFI-372, I will wait for that to be merged before
submitting a PR for this.
> Create a packet capture process
> -------------------------------
>
> Key: MINIFICPP-250
> URL: https://issues.apache.org/jira/browse/MINIFICPP-250
> Project: NiFi MiNiFi C++
> Issue Type: New Feature
> Reporter: Joseph Witt
> Assignee: marco polo
>
> It would be really powerful to have minificpp agents be able to capture
> packets and produce proper pcap bundles for them. This then can be sent via
> s2s to a nifi which could use pcap readers and netflow/other writers to
> create filtered results, do enrichment, send raw data to kafka/etc...
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
