Walk Through Example - Creating CSV datasets of Network Traffic
In this example, we convert the pcap tracefile in the test directory of the trafficdatasetmaker installation into a csv file.
Part 1 - Creating Datasets from a Raw pcap File
1. Follow the steps in Installing trafficdatasetmaker to download the trafficdatasetmaker source file and install it.
2. After installing, change directory to the test folder within the trafficdatasetmaker root:
cd test
3. In the test directory you will find a sample pcap file (test1.pcap), for which we will create dataset csv files in the test1_out folder. Run the command below to obtain datasets for the pcap file:
trafficdatasetmaker -v -t pcap -i ./test1.pcap -o ./test1_out -d all
This will create a full set of csv dataset files (one each for packets, protocol data units (PDUs) and layer 4 sessions) for test1.pcap, in addition to a metadata file and a log file, saving all in the test1_out directory. Please take a look at the files in the test1_out directory to examine the output. Full descriptions of the files can be found in Usage.
Alternatively, the example above can be executed with the command:
./test1
Or with:
python3 test1.py
Or within a python3 shell environment:
from trafficdatasetmaker.trafficdatasetmaker import TrafficDatasetMaker
csvmaker = TrafficDatasetMaker('test1.pcap', 'test1_out', 'pcap', datasets='all')
csvmaker.makecsvs()
Part 2 - Creating Datasets from an Existing CSV of Packets
We can also create datasets from an existing csv file output of pcap2csv. This can reduce the time taken to create datasets if the csv file for the packets already exists.
Ensure you have followed the directions in steps 1 & 2 in Part 1 above.
In the test directory you will find a sample packets-csv file (test2.csv, which is the output of a prior run of the pcap2csv command). Run the command below to obtain all datasets from the csv of packets:
trafficdatasetmaker -v -i ./test2.csv -o ./test2_out -d all
Similarly, this will create a full set of csv dataset files (one each for packets, protocol data units (PDUs) and layer 4 sessions) for test2.csv, in addition to a metadata file and a log file, saving all in the test2_out directory. Please take a look at the files in test2_out directory to examine the output. Full descriptions for the files can be found in Usage.
Alternatively, the same example can be executed with the command:
./test2
Or with:
python3 test2.py
Or within a python3 shell environment:
from trafficdatasetmaker.trafficdatasetmaker import TrafficDatasetMaker
csvmaker = TrafficDatasetMaker('test2.csv', 'test2_out', 'packets-csv', datasets='all')
csvmaker.makecsvs()
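To examine the output directories from Parts 1 and 2 without opening each file by hand, the following script (an added example, not part of trafficdatasetmaker) lists every file in an output directory and, for each CSV, reports its column names, row count and any rows whose field count differs from the header. It assumes only that the dataset files carry a .csv extension; the function names are chosen here.

```python
import csv
import sys
from pathlib import Path


def summarize_csv(path):
    """Return the header, the data-row count and the line numbers of rows
    whose field count differs from the header (a sign of a damaged file)."""
    with open(path, newline="", encoding="utf-8", errors="replace") as fh:
        reader = csv.reader(fh)
        header = next(reader, None)
        if header is None:  # empty file: nothing was written
            return {"columns": [], "rows": 0, "ragged": []}
        rows, ragged = 0, []
        for row in reader:
            if not row:  # skip blank lines
                continue
            rows += 1
            if len(row) != len(header):
                ragged.append(reader.line_num)
        return {"columns": header, "rows": rows, "ragged": ragged}


def summarize_output_dir(out_dir):
    """Map each file name in out_dir to a CSV summary, or to its size in
    bytes for non-CSV files. Assumption: dataset files end in .csv."""
    report = {}
    for path in sorted(Path(out_dir).iterdir()):
        if path.is_file() and path.suffix.lower() == ".csv":
            report[path.name] = summarize_csv(path)
        elif path.is_file():
            report[path.name] = {"bytes": path.stat().st_size}
    return report


if __name__ == "__main__":
    # Defaults to the directory created in Part 1; pass test2_out for Part 2.
    target = sys.argv[1] if len(sys.argv) > 1 else "test1_out"
    if not Path(target).is_dir():
        sys.exit(f"{target}: not a directory; run the walkthrough first")
    for name, info in summarize_output_dir(target).items():
        if "bytes" in info:
            print(f"{name}: {info['bytes']} bytes")
            continue
        print(f"{name}: {info['rows']} rows, {len(info['columns'])} columns")
        print("  columns:", ", ".join(info["columns"]))
        if info["ragged"]:
            print("  rows with wrong field count at lines:", info["ragged"][:10])
```

A CSV that reports zero rows or any mismatched lines is worth checking against the log file in the same directory before the dataset is used.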