[DRILL-7400] Add Packet Decoders with Interface to Drill - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 1.18.0
Fix Version/s: None
Component/s: Storage - Other
Labels:
None

Description

Currently Drill's PCAP plugin reads the binary packet data and outputs this as a string in the data column. While this is somewhat helpful, it would be considerably more useful to parse the actual packet (when possible) and map the fields to Drill vectors. Doing so would enable users to query the actual packet contents much more effectively and it would dramatically increase Drill's usefulness for network forensics.

Attachments

Activity

People

Assignee:: Charles Givre

Reporter:: Charles Givre

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 10/Oct/19 15:06

Updated:: 10/Oct/19 15:06