drop pcap or pcapng file · parse all packets · reconstruct tcp and udp flows · compute flow statistics · surface top talkers unusual ports and flow anomalies · runs locally
capture
drop pcap / pcapng
or click
bidirectional 5-tuple flows · tcp state · inter-arrival stats · anomaly flags
drop pcap or pcapng