*I am working with wireshark pcaps inside of SO kibana and hunt. Seems like the timestamps do not match? #10780
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi, I am using windows 11, SO, winlogbeat and logstash
output.logstash:
The Logstash hosts
I have saved a wireshark session as a pcap. I moved the pcap from my windows 10 machine with winSCP. I ran
So-import-pcap and got the url. I went into kibana and hunt and changed the from and to times to match the from
To date/time in the wireshark pcap. But when I try to match up the timestamps between wireshark and
Kibana or hunt, I see the src ip and the dst ip’s that match, so I am wondering if there is a way to send
Pcaps from winSCP to SO with the same timestamps?
Thanks for any advice or suggestions.
Beta Was this translation helpful? Give feedback.
All reactions