Network Traffic Dashboard
A real-time network visibility tool built with Python, Scapy, and Dash/Plotly. It captures live packets, visualizes bandwidth, protocol distribution, and top talkers, and includes alerts for suspicious activity. Export structured data to CSV and raw packets to PCAP for analysis in Wireshark.
Key Features
- Live packet capture via Scapy with configurable BPF filters.
- Interactive charts for bandwidth over time, protocol distribution, and top talkers.
- Threaded producer–consumer design for smooth, real-time updates.
- Alerting for burst PPS, suspicious ports, and blacklist matches.
- One-click export: CSV (structured) and PCAP (raw) for Wireshark.
- YAML-based configuration for interfaces, thresholds, and filters.
Screenshots
How It Works
Capture & Parse
Scapy sniffs packets on the selected interface, extracting src/dst, protocol, ports, length, and timestamps.
Stream & Aggregate
A consumer thread batches packets into a Pandas DataFrame, prunes by retention window, and maintains rolling stats.
Visualize & Alert
Dash renders live charts; rules flag bursts, suspicious ports, and blacklist hits. CSV/PCAP exports are one click away.
Tech Stack
PythonScapyDashPlotlyFlaskPandasNumPyPyYAMLNpcap/libpcapWireshark