This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.

Summary

DS-1362
Moloch
External Tool
External Data Source
GitHub
Unknown
Unknown
56 (lowest rank is 56)

Category & Restrictions

Other
network data, ip packet headers, packet captures
Unrestricted
true

Description

Moloch is a large scale, open source, indexed packet capture and search system.

Moloch augments your existing security infrastructure by storing and indexing network traffic in standard PCAP format, providing fast, indexed access. A simple, intuitive web interface is provided for browsing, searching and exporting PCAP. Moloch also exposes APIs that allow PCAP data and JSON-formatted session data to be downloaded and consumed directly. Because every packet is stored and exported in standard PCAP format, you can keep using your favorite PCAP-ingesting tools, such as Wireshark, in your analysis workflow.
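
The two formats named above (standard PCAP in, JSON session records out) are illustrated by the following added example; it is not Moloch's own code or API. It parses a classic libpcap byte stream, folds IPv4 TCP/UDP packets into sessions keyed by a direction-normalized 5-tuple, and emits the result as JSON. The session field names (srcIp, ipProtocol, firstPacket, ...) are this example's own choice, not Moloch's schema, and the capture it reads is constructed inline so the script runs offline.

```python
"""Added example: libpcap reader + 5-tuple session aggregation to JSON.
Not Moloch code; field names and the sample capture are this example's own."""
import ipaddress
import json
import socket
import struct

LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800


def iter_pcap(data):
    """Yield (timestamp, frame) for each record of a classic libpcap file.
    The magic number fixes the byte order of every header that follows; the
    nanosecond variant (magic a1b23c4d) and pcapng are rejected, not guessed."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        order = "<"
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        order = ">"
    else:
        raise ValueError("not a classic libpcap file (bad magic)")
    ghdr = struct.Struct(order + "IHHiIII")  # magic, major, minor, tz, sigfigs, snaplen, linktype
    phdr = struct.Struct(order + "IIII")     # ts_sec, ts_usec, incl_len, orig_len
    if len(data) < ghdr.size:
        raise ValueError("truncated global header")
    if ghdr.unpack_from(data, 0)[6] != LINKTYPE_ETHERNET:
        raise ValueError("only Ethernet (linktype 1) is handled")
    off = ghdr.size
    while off + phdr.size <= len(data):
        sec, usec, incl, _orig = phdr.unpack_from(data, off)
        off += phdr.size
        if off + incl > len(data):
            raise ValueError("truncated packet record")
        yield sec + usec / 1_000_000, data[off:off + incl]
        off += incl


def parse_frame(frame):
    """Return (src, sport, dst, dport, proto) for an IPv4 frame, else None."""
    if len(frame) < 14 or struct.unpack_from("!H", frame, 12)[0] != ETHERTYPE_IPV4:
        return None
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        return None
    ihl = (ip[0] & 0x0F) * 4
    if ihl < 20 or len(ip) < ihl:
        return None
    proto = ip[9]
    src, dst = str(ipaddress.IPv4Address(ip[12:16])), str(ipaddress.IPv4Address(ip[16:20]))
    sport = dport = 0
    if proto in (6, 17):  # TCP and UDP share the leading port layout
        if len(ip) < ihl + 4:
            return None
        sport, dport = struct.unpack_from("!HH", ip, ihl)
    return src, sport, dst, dport, proto


def sessions_from_pcap(data):
    """Aggregate packets into sessions; both directions of a flow share one record."""
    sessions = {}
    for ts, frame in iter_pcap(data):
        parsed = parse_frame(frame)
        if parsed is None:
            continue  # non-IPv4 frames (ARP, IPv6, ...) are skipped, not indexed
        src, sport, dst, dport, proto = parsed
        a, b = (src, sport), (dst, dport)
        key = (proto,) + (a + b if a <= b else b + a)  # direction-independent key
        s = sessions.get(key)
        if s is None:  # the first packet seen defines the initiator
            s = sessions[key] = {"srcIp": src, "srcPort": sport, "dstIp": dst,
                                 "dstPort": dport, "ipProtocol": proto, "packets": 0,
                                 "bytes": 0, "firstPacket": ts, "lastPacket": ts}
        s["packets"] += 1
        s["bytes"] += len(frame)
        s["firstPacket"] = min(s["firstPacket"], ts)
        s["lastPacket"] = max(s["lastPacket"], ts)
    return list(sessions.values())


def sessions_json(data):
    return json.dumps(sessions_from_pcap(data), indent=2)


def _frame(src, sport, dst, dport, proto, payload=b""):
    """Build a minimal Ethernet/IPv4/{TCP,UDP} frame (checksums left zero)."""
    if proto == 6:
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    l4 += payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 1, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst)) + l4
    return bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00" + ip


def build_pcap(records):
    """Serialise (sec, usec, frame) records as a little-endian libpcap file."""
    out = [struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)]
    for sec, usec, frame in records:
        out.append(struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame)
    return b"".join(out)


# Constructed sample capture: a TCP/443 exchange, a DNS exchange and one ARP frame.
_T = 1_700_000_000
SAMPLE_PCAP = build_pcap([
    (_T, 0, _frame("10.0.0.5", 40000, "198.51.100.7", 443, 6, b"x" * 16)),
    (_T, 500000, _frame("198.51.100.7", 443, "10.0.0.5", 40000, 6)),
    (_T + 1, 0, _frame("10.0.0.5", 40000, "198.51.100.7", 443, 6)),
    (_T + 1, 0, _frame("10.0.0.5", 53000, "10.0.0.1", 53, 17, b"q" * 12)),
    (_T + 1, 250000, _frame("10.0.0.1", 53, "10.0.0.5", 53000, 17, b"r" * 28)),
    (_T + 2, 0, b"\xff" * 6 + bytes.fromhex("001122334455") + b"\x08\x06" + b"\x00" * 28),
])

if __name__ == "__main__":
    print(sessions_json(SAMPLE_PCAP))
```

Because the key is built from the sorted endpoint pair, the reply packets land in the same record as the request while the first packet seen still fixes which side is reported as the initiator; this is the property that makes a session index searchable by either end of a connection. Run it against a real file with `sessions_from_pcap(open("capture.pcap", "rb").read())`.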

Moloch is built to be deployed across many systems and can scale to handle tens of gigabits per second of traffic. PCAP retention is bounded by the sensors' available disk space; metadata retention is bounded by the size of the Elasticsearch cluster. Both can be increased at any time and are entirely under your control.

Additional Details

N/A
false
Unknown
moloch, 1362, inferlink corporation, external data source