Open beave opened 4 years ago
Create a PCAP based off the data that is stored in an EVE alerts.
Possibly create the packet with libdnet/libpcap then write out to file? Obviously would just be a representation of the EVE data in a PCAP form. Wouldn't be a "live" PCAP capture.
Create a PCAP based off the data that is stored in an EVE alerts.
Possibly create the packet with libdnet/libpcap then write out to file? Obviously would just be a representation of the EVE data in a PCAP form. Wouldn't be a "live" PCAP capture.