A Packet Capture probe captures packets and writes them to disk to provide a store of the captured data, which users can then consult if needed for diagnostics or evidence.

Packets are stored in pcap files. These pcap files are commonly compressed with Gzip, and most packet capture processing tools can compress and decompress them.

A Beeks Analytics Packet Capture probe writes a new pcap file to disk every 10 seconds.

Packet capture (to disk) provides the following:

  1. An absolute record of network traffic at packet level. Use it as evidence in disputes, to go back and calculate statistics, or to decode protocols for which you had no decoders in place at the time. Packet capture viewing tools (such as Wireshark) can be used to view the data in this repository, and VMX-Capture allows you to filter the capture files to the precise timing and BPF filter that you need.

  2. Market Data replay with mdPlay, in which we very accurately reproduce market conditions by replaying market data from these captures with exactly the same timings as the original.

To configure a Packet Capture probe, the Napatech card in the Beeks Analytics appliance is configured with the data that the probe will listen for. The probe outputs files in pcap form that are compressed into gz archives. The file naming convention is [probename][timestamp].pcap.gz.
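When capture files are kept as evidence, it helps to confirm that each gzip-compressed pcap is complete and that its packets fall within one 10-second rotation. The following is an added example, not Beeks code: it assumes the classic pcap format (not pcapng), and the names `summarize`, `make_sample` and `rotation_s` are hypothetical; the sample capture is constructed inline.

```python
import gzip, io, struct

# Classic pcap magic bytes -> (struct byte order, timestamp units per second)
MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", 10**6),  # little-endian, microseconds
    b"\xa1\xb2\xc3\xd4": (">", 10**6),  # big-endian, microseconds
    b"\x4d\x3c\xb2\xa1": ("<", 10**9),  # little-endian, nanoseconds
    b"\xa1\xb2\x3c\x4d": (">", 10**9),  # big-endian, nanoseconds
}

def make_sample(offsets_us=(0, 4_500_000, 9_999_999), base=1_700_000_000):
    """Constructed sample input: a gzip-compressed pcap with 60-byte dummy packets."""
    buf = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for off in offsets_us:
        sec, usec = base + off // 10**6, off % 10**6
        buf += struct.pack("<IIII", sec, usec, 60, 60) + b"\x00" * 60
    return gzip.compress(buf)

def summarize(stream, rotation_s=10):
    """Packet count, first/last timestamp in ns, and whether the file fits one rotation."""
    count, first, last, truncated = 0, None, None, False
    try:
        with gzip.open(stream, "rb") as f:
            hdr = f.read(24)
            if len(hdr) < 24 or hdr[:4] not in MAGICS:
                raise ValueError("not a classic pcap file")
            order, units = MAGICS[hdr[:4]]
            while True:
                rec = f.read(16)
                if not rec:
                    break  # clean end of file
                if len(rec) < 16:
                    truncated = True  # record header cut short
                    break
                sec, frac, incl, _orig = struct.unpack(order + "IIII", rec)
                if len(f.read(incl)) < incl:
                    truncated = True  # packet data cut short
                    break
                ts = sec * 10**9 + frac * (10**9 // units)
                first = ts if first is None else min(first, ts)
                last = ts if last is None else max(last, ts)
                count += 1
    except EOFError:
        truncated = True  # gzip stream ended before its end-of-stream marker
    span = 0 if first is None else last - first
    return {"packets": count, "first_ns": first, "last_ns": last,
            "truncated": truncated, "within_rotation": span <= rotation_s * 10**9}

if __name__ == "__main__":
    print(summarize(io.BytesIO(make_sample())))
```

`summarize` also accepts a path to a `.pcap.gz` file, since `gzip.open` takes either a filename or a file object.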


Related terms

mdPlay
Stack probe