pcap-2-bro

Replay PCAP through a rock sensor

-w --workers NUMBER (number of threads to allocate to pool)
-d --directory /path/to/dir (top directory if using the -r option or directory that contains Pcap files)
-r --recursive (if you have multiple pcaps in layered directories)
-f --file /path/to/pcap/file (single pcap ingest)
-v --verbose (use if you want status updates every 10 seconds on screen)
-s --source UUID or Source Name. This replaces the ROCK::sensor_id variable so that you can search for the data easily inside of ROCK and identify the source it came from.

Name		Name	Last commit message	Last commit date
Latest commit History 25 Commits
README.md		README.md
pcap-2-rock.py		pcap-2-rock.py

Provide feedback