Putting PCAP traces in Elasticsearch is a very good option for finding patterns and troubleshooting network issues.
If you have been playing with Forcepoint™ firewalls, you know that traffic logs can be browsed and searched through their central management console (SMC).
The idea is to explore the use of Elasticsearch to index live monitoring events coming from various sources.