VMX-Capture is the layer responsible for data capture and decoding.
Note: For the full Beeks Analytics architecture showing all components, see section Appendix A: Beeks Analytics full architecture diagram.
VMX-Capture is a set of software components that are specifically designed for high-performance packet capture, decoding, high-volume real-time analysis. It can produce a message output, statistical calculations based on the data, or an output of market data anomalies.
VMX-Capture is most commonly deployed on a Beeks Analytics appliance. However, it can also be installed on the client’s own hardware or on a cloud compute instance.
The simplest task that you can perform with Beeks Analytics is to use it as a packet capture appliance - that is, writing packets to disk and making them available for search and retrieval. This ability to capture high volumes of packets without dropping data acts as the building block on which higher-level services are built.
Because Beeks Analytics performs its analysis on packets that traverse one or more points on the network, it needs to be provided with a copy of the packets that are crossing these points in the network. This is known as traffic mirroring.
For more detailed information about VMX-Capture configuration, please read the Configuration Guide for VMX-Capture.
How does data reach VMX-Capture?
The most common deployment of VMX-Capture has the VMX-Capture software reading packets in real-time.
Because Beeks Analytics performs its analysis on packets that traverse one or more points on the network, it needs to be provided with a copy of the packets that are crossing these points in the network. This is known as traffic mirroring.
There are three principle ways in which traffic can be mirrored from a network to a monitoring device:
Optical Taps
Port Mirroring
Layer 1 switching
See Beeks Analytics Deployment Options for more information about the different packet mirroring technologies.
Note that it is also possible to configure VMX-Capture to read packet captures from a static filesystem (i.e. one that is updated in batches rather than as a stream, e.g. a packet store in an Amazon S3 bucket). See the VMX-Capture Configuration Guide for further information.