Hi!
This might be a dumb question! But iam unable to figure out if the pcap data is being parsed per packet or per flow/stream!
Please help me understand this. Thank you!
Niveah
what you mean by being parsed per packet or per flow/stream? Packetbeat publishes flow information and transaction-logs. The later by parsing the packet contents and correlating multiple packets and included messages into transactions.
1 Like
Thank you, you've helped me understand! 
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.