Full flow retrieval optimized packet capture
Patent
·
OSTI ID:1525041
A packet capture system may copy packets from an interface to a bucket. When the bucket is full of packets, a new bucket for incoming packets may be started, and the full bucket may be indexed. During the indexing, each packet may be sorted in the bucket by flow, and each flow may be indexed. Once indexing is complete, the packets are written to a flow ordered FCAP file and the indexes are written to disk. The flow ordered nature of the FCAP file combined with the indices and their associated search algorithms allow for rapid retrieval of captured flows.
- Research Organization:
- Los Alamos National Laboratory (LANL), Los Alamos, NM (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC52-06NA25396
- Assignee:
- Ferrell, Paul, Los Alamos, NM (United States)
- Patent Number(s):
- 10,230,643
- Application Number:
- 15/139,484
- OSTI ID:
- 1525041
- Country of Publication:
- United States
- Language:
- English
Similar Records
PcapDB: Search Optimized Packet Capture, Version 0.1.0.0
PcapDB: Search Optimized Packet Capture, Version 0.1.0.0
Packet Capture Solutions: PcapDB Benchmark for High-Bandwidth Capture, Storage, and Searching
Software
·
2016
·
OSTI ID:1337568
PcapDB: Search Optimized Packet Capture, Version 0.1.0.0
Software
·
2016
·
OSTI ID:code-4957
Packet Capture Solutions: PcapDB Benchmark for High-Bandwidth Capture, Storage, and Searching
Technical Report
·
2017
·
OSTI ID:1351206