
Arkime
Arkime: An Open-Source Network Capture and Analysis Tool
Arkime is an open-source tool designed for network capture and analysis. It aims to enhance the capabilities of existing security infrastructure.
Network Traffic Storage and Indexing
It stores and indexes network traffic in the standard PCAP format, providing complete network visibility to security teams.
Scalability
The tool is scalable and can handle hundreds of gigabits per second when deployed across multiple clustered systems.
Arkime includes a Sessions page that lets users view indexed sessions, offers powerful search functionality, and provides the option to export results in PCAP or CSV format.
SPI (Session Profile Information) View
It features an SPI (Session Profile Information) View that allows for the analysis of unique values from captured fields. Additionally, there is an SPI Graph page that provides temporal views of the top unique field values.
The Connections Page
The Connections page offers a visual representation of search results in the form of a network graph.
In addition, Arkime provides a Parliament application that enables the monitoring of multiple Arkime clusters, along with a Cont3xt application designed for collecting contextual intelligence during technical investigations.