Wireshark Intrusion Analysis / SQL Database Support


  • C5 SIGMA from Command Five Pty Ltd automates TShark (Wireshark) to load large quantities of packet capture data into a SQL database using an automatically generated schema. C5 SIGMA flattens the Wireshark protocol tree into a relational table structure useful for intrusion analysis and data correlation with other systems. It also enables SQL queries against otherwise unnamed text fields visible in the Wireshark protocol tree by intelligently generating human-readable names. C5 SIGMA is free software, released under the GPL.

  • pcap2xml/sqlite: This tool converts 802.11 packet traces (PCAP format) into XML and SQLite equivalents so you can now run XPath/XQuery/SQL queries on the packets.
