API Reference

intake_pcap.source.PCAPSource(urlpath[, …])

Load PCAP data

intake_pcap.packet.IPPacket(data)

A packet of data on an IP network comm

intake_pcap.stream.LiveStream(interface[, …])

Attributes

intake_pcap.stream.OfflineStream(path[, …])

Attributes

intake_pcap.stream.PacketStream(reader, …)

A set of IP packets
class intake_pcap.source.PCAPSource(urlpath, metadata=None, **pcap_kwargs)[source]

Load PCAP data

Supports either .pcap file format (e.g., as produced by TCPdump) or reading live from an interface.

Attributes
cache_dirs
classname
datashape
description
has_been_persisted
hvplot

Returns a hvPlot object to provide a high-level plotting API.

is_persisted
plot

Returns a hvPlot object to provide a high-level plotting API.

plots

List custom associated quick-plots

Methods

close(self)

Close open resources corresponding to this data source.

discover(self)

Open resource and populate the source attributes.

export(self, path, \*\*kwargs)

Save this data for sharing with other people

persist(self[, ttl])

Save data from this source to local persistent storage

read(self)

Load entire dataset into a container and return it

read_chunked(self)

Return iterator over container fragments of data source

read_partition(self, i)

Return a part of the data corresponding to i-th partition.

to_dask(self)

Return a dask container for this data source

to_spark(self)

Provide an equivalent data object in Apache Spark

yaml(self[, with_plugin])

Return YAML representation of this data-source

get_persisted

set_cache_dir
read(self)[source]

Load entire dataset into a container and return it

to_dask(self)[source]

Return a dask container for this data source

class intake_pcap.packet.IPPacket(data)[source]

A packet of data on an IP network comm

Attributes
destination_ip_address
destination_ip_port
destination_mac_address
ethernet_protocol
ip_protocol
source_ip_address
source_ip_port
source_mac_address
class intake_pcap.stream.LiveStream(interface, protocol=None, payload=False, max_packet=65536, timeout=1000)[source]
Attributes
dtype

Methods

set_filter(self, protocol)

Filters all IP traffic except packets matching given protocol.

to_dataframe
class intake_pcap.stream.OfflineStream(path, protocol=None, payload=False)[source]
Attributes
dtype

Methods

set_filter(self, protocol)

Filters all IP traffic except packets matching given protocol.

to_dataframe
class intake_pcap.stream.PacketStream(reader, protocol, payload)[source]

A set of IP packets

Attributes
dtype

Methods

set_filter(self, protocol)

Filters all IP traffic except packets matching given protocol.

to_dataframe
set_filter(self, protocol)[source]

Filters all IP traffic except packets matching given protocol.

Parameters:
protocolstr

Show only traffic for given IP protocol.

Allowed values are icmp, icmp6, igmp, igrp, pim, ah, esp, vrrp, udp, and tcp. If None, all traffic is shown.