Arkime is a large-scale packet-capturing, indexing, and database system that provides a simple web interface for browsing, searching, and exporting pcap files (FOR572).
The capture mechanism can passively listen on a network interface or read existing packet capture data. It parses the traffic, tracks Session Profile Information (SPI data), and writes the raw packets to disk for later use and extraction.
