Kibana/Banana PCAP Panel Query by: ip_src_addr, ip_dst_addr, ip_src_port, ip_dst_port, protocol PCAP Service - REST + Capture Timestamp Packet Packet Mapper: - Read PCAP from HDFS (PCAP InputOutput Format) Filter Packets from HDFS PCAP based on Query Emit: timestamp : packet Packet Packet Packet + PCAP Header Packet Packet PCAP Aggregator to HDFS Spout/Bolt Single Reducer: - Order packets by timestamp Apply PCAP Header Write new PCAP Packet PCAP RAW PCAP PCAP PCAP PCAP PCAP PCAP PCAP DPDK Probe (N) Intel x520 Capture Card HDFS Filename: startTimestamp(Epoch)_endTimestamp(Epoch)_UUID_PCAP