⬡ NETWORK TAPs / SPAN PORTS / INLINE
- [01]Raw packet capture · <20MB RAM footprint
- [02]Protocol dissection: TCP/UDP/DNS/HTTP/TLS
- [03]OT protocols: Modbus, DNP3, BACnet, EtherNet/IP
- [04]14-feature flow extraction for ML pipeline
- [05]Alert-triggered selective PCAP capture
- [06]IPS inline drop via AF_PACKET inline mode
- [07]Syslog · SNMP trap · NetFlow/IPFIX/sFlow
- [08]RocksDB DLQ — 7-day local spool on Kafka loss