LitenAI supports uploading packet files in PCAP format, storing all packets in its Smart Lake. For demonstration, a table named pcap has been created in the LogReason Smart Lake. It can ingest large volumes of packet data for analysis. While PCAP files are currently used, any network-related log files can be uploaded and analyzed using LitenAI.
Scroll down for chat examples. Scroll further down for more information on LitenAI Smart Lake.
LitenAI supports high-level reasoning and detailed packet analysis. Below are some examples, but it can be applied to many other use cases. Contact us to test it with your data—either on our cloud platform or locally via a Docker installation.
General Analysis
Users can ask high-level questions, and LitenAI will generate a structured plan to analyze network congestion based on the provided prompt. You can also explore specific details—scroll down to see examples.
Generate sql to find out the number of packets between src_ip and dst_ip for each protocol type from the pcap table. Execute the sql.
This generates and executes the code, then displays the resulting rows with the relevant information.
Ask any question to analyze the data.
Analyze the data to tell me more about the overloaded IP addresses.
You can also explore it as a plot, if needed.
Plot the dataset.
LitenAI can extract various types of information from packets to analyze congestion more effectively.
Understanding packet contents
LitenAI helps you analyze and understand your packets more effectively. It can interpret packet data and respond to your queries through chat. Think of it as a valuable addition to Wireshark.
First, obtain the packets for analysis. Let’s start with a row. For now, TCP layers are excluded, but you can include them if needed for a more comprehensive TCP analysis.
Select one packet row from pcap table without layers_tcp column using sql and execute it,
The packet is stored in a dataset and displayed. You can now ask LitenAI to describe the packet and its contents.
Describe the dataset.
It presents all packet information in a clear and readable format.
You can now query the packet for various types of information. Here are a few examples:
Analyze the data to tell me the application protocol used to transfer files from PC to server?
Analyze the data to tell me the IP address of the server.
Various other questions related to packets can be asked, and it will provide answers. Through calls to large language models (LLMs), it understands multiple natural languages and can respond appropriately.
Upload the packet you’re interested in and ask your question. You can also filter specific packets or columns to focus on relevant data. LitenAI will help you find the right packet efficiently.
Various types of packets with different protocols can be analyzed. Below is an analysis of a DHCP packet.
Select one packet row with dhcp protocol using sql and execute it.
Analyze to tell me the DHCP server IP address?
Analyze the data to visualize this DHCP exchange in ascii?
This produces DHCP exchange in ASCII as shown below.
Analyze the data to get a mind map of 4 dhcp frames and highlight latency?
This generates a detailed mind map. Below is a small sample for reference.
Here is more information about the LitenAI Smart Lake Storage Layer.
Smart Lake
In the LitenAI Smart Lake, the customer ingested their knowledge documents and established connections to their required databases. All data is securely stored within the customer’s storage. Customers can ingest data using various methods, either programmatically from stored files or through streams for continuous ingestion. Additionally, data can be uploaded and managed through Lake Agents, either via chat or using the Lake GUI interface to populate the lake. If you are going through these prompts, make sure to select logreason data lake. Select lake tab and ensure that logreason lake is selected. You can also select pcap table to make it default if no table name can be identified from the prompts.
To ingest a new file, you can select pcap type and choose a file. Click on Ingest. It will append the pcap information to pcap table.
This blog highlights the capabilities of AI in analyzing network packets. Various types of analysis can be performed, and customers can integrate their own agents for specific tasks. Contact us for more information.