securityonion-pcapagent
Requires Python 3.7
PCAP Flow
### PCAP Agent
- Agent checks in every X seconds looking for jobs: `GET /getjobs`
### PCAP Server
- Use ESID to pull PCAP
- replace capme with bro ESID need to be able to connect to elastic
- Limit size of transcript