Moloch - How Elasticsearch is Powering Network Forensics at AOL
Watch as Andy Wick and Eoin Miller describe how they use Elasticsearch to power Moloch - AOL's open source, scalable IPv4 packet capturing (PCAP) indexing and database system. With the help of Elasticsearch, Moloch provides a simple web GUI for browsing, searching, viewing and exporting PCAP data. The web APIs are accessible if you wish to design your own GUI or grab PCAP directly with various command line tools for further analysis or processing. Simply put, Elasticsearch powers a tool that is like AOL Search for PCAP repositories.