Walk Through Example - Creating CSV datasets of Network Traffic

In this example, we convert the pcap tracefile in the test directory of the trafficdatasetmaker installation into a csv file.

Part 1 - creating datasets from a raw pcap file

1. Follow the steps in Installing trafficdatasetmaker to download the trafficdatasetmaker source and install it.

2. After installing, change directory to the test folder within the trafficdatasetmaker root:

    cd test
    

3. In the test directory you will find a sample pcap file (test1.pcap), for which we will create dataset csv files in the test1_out folder. Run the command below to obtain datasets for the pcap file:

    trafficdatasetmaker -v -t pcap -i ./test1.pcap -o ./test1_out -d all

This will create a full set of csv dataset files (one each for packets, protocol data units (PDUs) and layer 4 sessions) for test1.pcap, in addition to a metadata file and a log file, saving all of them in the test1_out directory. Take a look at the files in the test1_out directory to examine the output. Full descriptions of the files can be found in Usage.


Alternatively, the example above can be executed with the command:

    ./test1

Or with:

    python3 test1.py

Or within a python3 shell environment:

    from trafficdatasetmaker.trafficdatasetmaker import TrafficDatasetMaker
    csvmaker = TrafficDatasetMaker('test1.pcap', 'test1_out', 'pcap', datasets='all')
    csvmaker.makecsvs()

Part 2 - Creating Datasets from an Existing CSV of Packets

We can also create datasets from an existing csv file produced by pcap2csv. This can reduce the time taken to create datasets if the csv file for the packets already exists.

1. Ensure you have followed steps 1 & 2 in Part 1 above.

2. In the test directory you will find a sample packets-csv file (test2.csv, which is the output of a prior run of the pcap2csv command). Run the command below to obtain all datasets from the csv of packets:

    trafficdatasetmaker -v -i ./test2.csv -o ./test2_out -d all
    

Similarly, this will create a full set of csv dataset files (one each for packets, protocol data units (PDUs) and layer 4 sessions) for test2.csv, in addition to a metadata file and a log file, saving all of them in the test2_out directory. Take a look at the files in the test2_out directory to examine the output. Full descriptions of the files can be found in Usage.


Alternatively, the same example can be executed with the command:

    ./test2

Or with:

    python3 test2.py

Or within a python3 shell environment:

    from trafficdatasetmaker.trafficdatasetmaker import TrafficDatasetMaker
    csvmaker = TrafficDatasetMaker('test2.csv', 'test2_out', 'packets-csv', datasets='all')
    csvmaker.makecsvs()