json_key_frame_ts = json_key_frame + ".time_epoch"\r
\r
\r
+JSON_KEY_ETH = "eth"\r
+JSON_KEY_ETH_SRC = "eth.src"\r
+JSON_KEY_ETH_DST = "eth.dst"\r
+\r
+\r
def make_unique(key, dct):\r
counter = 0\r
unique_key = key\r
new_packet["dst_ip"] = layers[json_key_ip][json_key_ip + ".dst"]\r
new_packet["dst_port"] = int(layers[json_key_tcp][json_key_tcp + ".dstport"])\r
\r
+ # JV: Also include src so we can see what device initiates the traffic\r
+ new_packet["src_ip"] = layers[json_key_ip][json_key_ip + ".src"]\r
+ new_packet["src_port"] = int(layers[json_key_tcp][json_key_tcp + ".srcport"])\r
+ #JV: Also include eth soure/destination info so that we can map traffic to physical device using MAC\r
+ new_packet[JSON_KEY_ETH_SRC] = layers[JSON_KEY_ETH][JSON_KEY_ETH_SRC]\r
+ new_packet[JSON_KEY_ETH_DST] = layers[JSON_KEY_ETH][JSON_KEY_ETH_DST]\r
+\r
# Go through all HTTP fields and extract the ones that are needed\r
http_data = layers[json_key_http]\r
for http_key in http_data:\r
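Review bot: The two new `layers[JSON_KEY_ETH][...]` lookups index the Ethernet layer unconditionally, so a packet dissected without an `eth` layer (for example from a loopback, tunnel or Linux cooked-mode capture) would raise KeyError and presumably abort the whole conversion instead of skipping one packet. The packet-comment code removed further down guarded its layer with a `not in layers` check; assuming `layers` is the plain dict the parsed JSON suggests, the same tolerance here is `eth = layers.get(JSON_KEY_ETH, {})` followed by `new_packet[JSON_KEY_ETH_SRC] = eth.get(JSON_KEY_ETH_SRC)`, and likewise for the destination. MAC addresses are persistent device identifiers, so I would add a comment such as `# NOTE: output now contains MAC addresses; treat it as sensitive as the raw capture when sharing`. The comment above the eth lines has a typo (`soure`), and the enclosing function starts and ends outside this hunk, so the loop context is inferred.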
\r
new_packet["ts"] = layers[json_key_frame][json_key_frame_ts]\r
\r
- # Now extract and parse the packet comment\r
- if (json_key_pkt_comment not in layers or\r
- json_key_frame_comment not in layers[json_key_pkt_comment]):\r
- print "WARNING: no packet comment found!" + frame_num\r
- continue\r
-\r
- comment = layers[json_key_pkt_comment][json_key_frame_comment]\r
- comment_data = json.loads(comment)\r
- for key in comment_data:\r
- new_packet[str(key)] = str(comment_data[key])\r
-\r
# Create a unique key for each packet to keep consistent with ReCon\r
# Also good in case packets end up in different files\r
data[str(uuid.uuid4())] = new_packet\r