From 1710e47319faf1270ca0f4c9e622385d4d7531c7 Mon Sep 17 00:00:00 2001 From: Mark C Date: Thu, 19 Sep 2024 16:51:03 +0100 Subject: [PATCH] updated README for pcap support --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index 44ed90d..b23aaa2 100644 --- a/README.md +++ b/README.md @@ -80,6 +80,16 @@ Where `` should be replaced with the network interface to be monitored (` If you have installed `cryptomon` as a service, then you do not need to run the first line. To check the monitor is working you can run `db.cryptomon.count({})` from `mongosh` to see if the record count is increasing. +## PCAP Files + +To parse a pcap file `test.pcap`, simply run: + +```bash +./parse-pcap.sh test.pcap +``` + +So long as your data environment variables are all set, then this will parse the PCAP data and replay it over the loopback `lo` interface, allowing cryptomon to parse it. + ## FastAPI To access the FastAPI documentation go to `http://0.0.0.0:8000/docs` to find the documentation for the backend API.