On Mon, Feb 10, 2020 at 12:08 PM Kristopher Browne
<kris.browne at gmail.com> wrote:
>
> I would consider this a learning opportunity to instal/learnl packetbeat, Elasticsearch, and kibana, rather than using tcpdump or wireshark… Probably setup logging from the network devices to go there too. Might be able to correlate behaviors that would be harder with the disparate tools.
>

The three packages you mention all would appear to be part of the
same ecosystem.

Am looking at these as an option. Any other option to suggest?

TIA