Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
2
2023-261
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Gamage G.G.I.V.M
2023-261
Commits
68e8b58a
Commit
68e8b58a
authored
Jun 24, 2023
by
N.W. Harshani Jayawardhana
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
IT20140816
parent
196c7035
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
35 additions
and
0 deletions
+35
-0
IT20140816_sql.py
IT20140816_sql.py
+35
-0
No files found.
IT20140816_sql.py
0 → 100644
View file @
68e8b58a
import
pyshark
import
sqlite3
def
create_database
(
pcap_file
,
db_file
):
# Read the pcap file
pcap
=
pyshark
.
FileCapture
(
pcap_file
)
# Connect to the SQLite database
conn
=
sqlite3
.
connect
(
db_file
)
cursor
=
conn
.
cursor
()
# Create a table to store the event flow information
cursor
.
execute
(
'''CREATE TABLE IF NOT EXISTS event_flow
(source_ip TEXT, destination_ip TEXT)'''
)
# Iterate over the packets in the pcap file
for
packet
in
pcap
:
# Check if the packet has an IP layer
if
'IP'
in
packet
:
ip_layer
=
packet
[
'IP'
]
src_ip
=
ip_layer
.
src
dst_ip
=
ip_layer
.
dst
# Insert the event flow data into the table
cursor
.
execute
(
"INSERT INTO event_flow VALUES (?, ?)"
,
(
src_ip
,
dst_ip
))
# Commit the changes and close the database connection
conn
.
commit
()
conn
.
close
()
# Usage example
pcap_file
=
'capture.pcap'
db_file
=
'event_flow.db'
create_database
(
pcap_file
,
db_file
)
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment