Putting PCAP traces in Elasticsearch is a very good option for finding patterns and troubleshooting network issues.
If you play with packet captures on a regular basis, it’s likely you’ve already wondered whether it’s possible to quickly identify what generates the most traffic, how much data was transferred, etc.
This bash tip can be useful when trying to extract all HTTP requests from PCAP traces.