Jacob van Walraven edited this page Feb 25, 2020 · 39 revisions

Libtrace bigdata is a real-time passive packet analysis application that is used with data visualization engines such as Kibana and Grafana to gain insights into the usage patterns and performance of a network and its applications.

Libtrace bigdata works by capturing packets from a capture point and passing each packet through flow, protocol and TLS decoders to form a result.

Libtrace bigdata comes with a range of pre-built input plugins, filter plugins and output plugins which will satisfy most users' needs. Libtrace bigdata is an event-driven application and provides an extensive API for custom plugin development.
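The following is an added illustration of the event-driven plugin model described above: an input stage hands every captured packet to registered plugins, and a periodic tick event lets a plugin report its per-window result, here the number of packets seen every X seconds (the subject of Tutorial 1 below). It is example code written for this page, not libtrace-bigdata's own plugin API; every name in it (pipeline_t, plugin_t, counter_t, pipeline_register, run_sample, ...) and the six-packet sample trace are assumptions made for the example.

```c
/* Example event-driven packet pipeline with a per-window packet counter.
 * NOT libtrace-bigdata's API: all names here are assumptions for illustration. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_PLUGINS 8
#define MAX_WINDOWS 16

typedef struct {
    double ts;         /* capture timestamp, seconds since the epoch */
    uint32_t wirelen;  /* bytes on the wire */
} packet_t;

/* Plugin event handlers: one per packet, one per closed time window. */
typedef void (*packet_cb)(void *state, const packet_t *pkt);
typedef void (*tick_cb)(void *state, double win_start, double win_end);

typedef struct { packet_cb on_packet; tick_cb on_tick; void *state; } plugin_t;

typedef struct {
    plugin_t plugins[MAX_PLUGINS];
    int nplugins;
    double interval;   /* X: tick period in seconds */
    double next_tick;  /* end of the window currently being filled */
    int started;
} pipeline_t;

void pipeline_init(pipeline_t *p, double interval) {
    memset(p, 0, sizeof *p);
    p->interval = interval;
}

int pipeline_register(pipeline_t *p, packet_cb pcb, tick_cb tcb, void *state) {
    if (p->nplugins >= MAX_PLUGINS) return -1;
    p->plugins[p->nplugins++] = (plugin_t){ pcb, tcb, state };
    return 0;
}

/* Close the current window: notify every plugin, then advance the window. */
static void emit_tick(pipeline_t *p) {
    for (int i = 0; i < p->nplugins; i++)
        if (p->plugins[i].on_tick)
            p->plugins[i].on_tick(p->plugins[i].state, p->next_tick - p->interval, p->next_tick);
    p->next_tick += p->interval;
}

/* Deliver one packet. Time comes from packet timestamps, not the wall clock, so
 * live capture and trace replay behave identically. Every window that closed
 * before this packet is emitted first, including empty ones, so a gap in
 * traffic shows up as zero counts rather than as missing rows. */
void pipeline_packet(pipeline_t *p, const packet_t *pkt) {
    if (!p->started) {
        /* Align windows to multiples of the interval (ts > 0, so truncation == floor). */
        p->next_tick = ((double)(long)(pkt->ts / p->interval) + 1.0) * p->interval;
        p->started = 1;
    }
    while (pkt->ts >= p->next_tick) emit_tick(p);
    for (int i = 0; i < p->nplugins; i++)
        if (p->plugins[i].on_packet) p->plugins[i].on_packet(p->plugins[i].state, pkt);
}

/* End of capture: close the final, partially filled window. */
void pipeline_flush(pipeline_t *p) { if (p->started) emit_tick(p); }

/* The counting plugin: tally packets, report and reset on each tick. */
typedef struct { uint64_t in_window; int nwindows; uint64_t counts[MAX_WINDOWS]; } counter_t;

static void counter_packet(void *state, const packet_t *pkt) {
    (void)pkt;
    ((counter_t *)state)->in_window++;
}

static void counter_tick(void *state, double ws, double we) {
    counter_t *c = state;
    printf("[%.0f, %.0f) packets=%llu\n", ws, we, (unsigned long long)c->in_window);
    if (c->nwindows < MAX_WINDOWS) c->counts[c->nwindows] = c->in_window;
    c->nwindows++;
    c->in_window = 0;
}

/* Run a constructed six-packet trace (not real capture data) with X = 5 s.
 * Returns the number of windows emitted; counts_out, if non-NULL, must hold
 * MAX_WINDOWS entries and receives the per-window packet counts. */
int run_sample(uint64_t *counts_out) {
    static const packet_t trace[] = {
        {100.1, 74}, {101.0, 1514}, {104.9, 60}, {105.0, 60}, {107.2, 590}, {118.3, 74},
    };
    pipeline_t p; counter_t c = {0};
    pipeline_init(&p, 5.0);
    pipeline_register(&p, counter_packet, counter_tick, &c);
    for (size_t i = 0; i < sizeof trace / sizeof trace[0]; i++) pipeline_packet(&p, &trace[i]);
    pipeline_flush(&p);
    if (counts_out) memcpy(counts_out, c.counts, sizeof c.counts);
    return c.nwindows;
}

/* Packet count of window idx in the sample run, or -1 if idx is out of range. */
long sample_window_count(int idx) {
    uint64_t counts[MAX_WINDOWS];
    int n = run_sample(counts);
    return (idx >= 0 && idx < n && idx < MAX_WINDOWS) ? (long)counts[idx] : -1;
}

int main(void) { run_sample(NULL); return 0; }
```

Build with `cc -std=c99 -Wall example.c` and run it. The sample trace produces four windows, [100,105) with 3 packets, [105,110) with 2, [110,115) with 0 and [115,120) with 1: the packet at exactly 105.0 lands in the second window, the silent window is still reported as zero, and the last partial window is only emitted by the flush at end of capture. In a real deployment the tick and packet events would be raised by the capture loop and the results would go to an output plugin rather than to printf.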

User documentation

Installation
Configuration

Input plugins
Protocol Statistics
DNS
Flow Statistics
HTTP
BGP

Filter plugins
Maxmind
JA3

Output plugins
InfluxDB
Kafka
Elasticsearch

Developer documentation

Creating Plugins
Available Events
API

Tutorial 1 - Count the number of packets observed every X seconds
