# arkime/arkime

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/arkime-arkime).**

7,399 stars · 1,154 forks · C · Apache-2.0

## Links

- GitHub: https://github.com/arkime/arkime
- Homepage: https://arkime.com
- awesome-repositories: https://awesome-repositories.com/repository/arkime-arkime.md

## Description

Arkime is a distributed packet analysis platform and full packet capture system designed for recording raw network traffic, indexing metadata, and performing network forensics. It functions as a network traffic indexer and security tool that enables the monitoring, querying, and browsing of large-scale network traffic across multi-cluster architectures.

The platform distinguishes itself through its ability to manage distributed capture clusters from a centralized administrative dashboard. It integrates external data feeds with internal traffic logs to identify known threats and provides a programmatic interface for exporting raw traffic streams and session metadata to external analysis software.

The system covers broad capability areas including network security monitoring, multi-cluster health observability, and traffic data search. It incorporates role-based access control to protect sensitive packet data and provides a web-based interface for packet capture browsing and forensic investigation.

## Tags

### Networking & Communication

- [Packet Capture Storage](https://awesome-repositories.com/f/networking-communication/packet-capture-storage.md) — Records raw network traffic across multiple nodes and stores the data in local packet files.
- [Distributed Capture Probes](https://awesome-repositories.com/f/networking-communication/distributed-capture-probes.md) — Manages a distributed architecture of remote network sensors that forward traffic data to a central server.
- [Full Packet Capture Systems](https://awesome-repositories.com/f/networking-communication/full-packet-capture-systems.md) — Provides a complete system for recording raw network packets, indexing metadata, and storing traffic for forensics.
- [Packet Capture Utilities](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-routing-traffic-management/packet-capture-utilities.md) — Provides a web interface for browsing recorded raw network traffic and exporting data for external forensic analysis. ([source](https://github.com/arkime/arkime#readme))
- [Packet Capture Engines](https://awesome-repositories.com/f/networking-communication/packet-capture-engines.md) — Implements a high-performance engine for intercepting and recording raw network traffic. ([source](https://github.com/arkime/arkime/blob/main/Makefile.am))
- [Packet Capture Utilities](https://awesome-repositories.com/f/networking-communication/packet-capture-utilities.md) — Records and stores full raw network traffic for deep security analysis and detailed forensic investigations.
- [Metadata Indexing](https://awesome-repositories.com/f/networking-communication/packet-search-utilities/metadata-indexing.md) — Extracts session metadata from raw packets into searchable indexes for fast querying of large traffic volumes.
- [Traffic Stream APIs](https://awesome-repositories.com/f/networking-communication/traffic-stream-apis.md) — Provides a programmatic interface to stream raw capture files and session metadata to third-party analysis software. ([source](https://github.com/arkime/arkime/blob/main/README.md))

### Part of an Awesome List

- [Network Forensics](https://awesome-repositories.com/f/awesome-lists/data/network-forensics.md) — Provides a web-based interface for querying indexed data and analyzing full network packets.
- [Network Security Monitoring](https://awesome-repositories.com/f/awesome-lists/security/network-security-monitoring.md) — Stores and indexes network traffic for fast forensic access.

### Data & Databases

- [Network Session Indexing](https://awesome-repositories.com/f/data-databases/full-text-search-engines/metadata-indexing/network-session-indexing.md) — Indexes network session metadata to enable rapid retrieval and analysis of specific communication events. ([source](https://github.com/arkime/arkime#readme))
- [Network Traffic Queries](https://awesome-repositories.com/f/data-databases/search-indexing-technologies/search-indexing/search-and-indexing/network-traffic-queries.md) — Enables querying indexed packet data to identify patterns or anomalies within large-scale network captures. ([source](https://github.com/arkime/arkime/blob/main/Makefile.am))
- [Indicator Feed Ingestion](https://awesome-repositories.com/f/data-databases/external-data-integrations/external-feed-integrations/indicator-feed-ingestion.md) — Integrates high-fidelity indicator feeds with internal logs to identify known network threats. ([source](https://github.com/arkime/arkime/tree/main/wiseService))

### Security & Cryptography

- [Role-Based Access Control](https://awesome-repositories.com/f/security-cryptography/role-based-access-control.md) — Restricts access to sensitive packet data and system configurations using role-based permissions.
- [System Access Restrictions](https://awesome-repositories.com/f/security-cryptography/governance-policy-frameworks/compliance-governance/security-and-compliance/security-and-threat-mitigations/system-access-restrictions.md) — Implements technical controls using passwords, API keys, and proxies to restrict unauthorized system access. ([source](https://github.com/arkime/arkime#readme))
- [Dashboard Access Controls](https://awesome-repositories.com/f/security-cryptography/identity-access-management/access-control/data-resource-permissions/dashboard-access-controls.md) — Restricts the ability to modify system configurations and manage settings based on assigned user roles. ([source](https://github.com/arkime/arkime/tree/main/parliament))
- [Interface Access Security](https://awesome-repositories.com/f/security-cryptography/interface-access-security.md) — Protects captured packet data and management interfaces via API keys, passwords, and authentication proxies. ([source](https://github.com/arkime/arkime/blob/main/README.md))
- [Session Metadata Exports](https://awesome-repositories.com/f/security-cryptography/user-account-management/session-identity-retrieval/session-metadata-retrieval/session-metadata-exports.md) — Allows downloading packet captures and session data in structured formats for external security tool integration. ([source](https://github.com/arkime/arkime#readme))

### System Administration & Monitoring

- [Cluster Health Monitoring](https://awesome-repositories.com/f/system-administration-monitoring/cluster-health-monitoring.md) — Features a centralized health dashboard to track node connectivity and performance across distributed capture points.
- [Distributed Packet Analysis Platforms](https://awesome-repositories.com/f/system-administration-monitoring/distributed-packet-analysis-platforms.md) — Ships a multi-cluster architecture for centralized monitoring, querying, and browsing of large-scale network traffic.
- [Traffic Data Export](https://awesome-repositories.com/f/system-administration-monitoring/traffic-data-export.md) — Provides utilities for saving network capture data and exchanging it with other tools via programmatic interfaces.
