my-asu-archive/real-time-traffic-analysis-clickhouse
1
0
Fork 0
mirror of https://github.com/20kaushik02/real-time-traffic-analysis-clickhouse.git synced 2026-01-25 08:04:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

pcap to csv pipeline

Browse Source
This commit is contained in:
Kaushik Narayan R
2024-11-02 22:15:39 -07:00
parent 957202d86f
commit 59ea030790
4 changed files with 601976 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
preprocessing/README.md
View File

@@ -6,10 +6,12 @@
- maybe GRE for VPN usage?
- L3 - IPv6 is only around 10%, let's drop it
- Selection (of fields):
- Timestamp - note: capture window is from 0500-0515 UTC
- Timestamp
- capture window is from 0500-0515 UTC
- nanosecond precision, use DateTime64 data type in ClickHouse
- IP
- addresses - src, dst
- protocol - 6 (TCP) or 17 (UDP). cld go for boolean to save space
- TCP
- protocol - TCP or UDP. cld go for boolean in ClickHouse to save space
- TCP/UDP
- ports - sport, dport
- Packet size - in bytes - could exclude L2?
- Packet size - in bytes