Putting PCAP traces into Elasticsearch is a very good option for finding patterns and troubleshooting network issues.
If you have been playing with Forcepoint™ firewalls, you know that traffic logs can be browsed and searched through their central management console (SMC).
Although there is little or no literature and documentation in French on the subject, observability nonetheless remains an essential component of the work of IT departments (DSI).
The idea is to explore the use of Elasticsearch to index live monitoring events coming from various sources.