Network Full Packet Capture with Arkime & Elasticsearch - ElasticCC
Author: Official Elastic Community
Uploaded: 2021-03-02
Views: 8671
Join us for a comprehensive presentation as we demo Arkime, an open-source full packet capture system that uses Elasticsearch for metadata storage. Trusted by Verizon Media and other enterprises, Arkime protects networks for a fraction of the cost of a commercial full packet capture system.
Elasticsearch enables Arkime to provide powerful and fast search, with near-instant retrieval of any captured session on your network. Arkime can be used to view a large number of metadata fields directly, or you can send important sessions to your favorite tools such as Wireshark. This demo focuses on how Arkime uses Elasticsearch and the powerful queries that it builds for you in its custom UI. It shares how we scale Elasticsearch to store multiple petabytes per cluster, while breaking some common assumptions and rules.
Speakers:
Andy: Arkime's Creator & Chief Architect of AIM
Elyse: UI/X Engineer for Arkime
#elasticsearch #arkime #casestudy #techcommunity #fullpacket