CloudShark 2.0 added a lot of cool new features to CloudShark, but perhaps the most powerful (and most complex) was the addition of search capability to the CloudShark API. The search API function takes the already robust search features of CloudShark that were available through the user interface and brings them to anyone who wants to integrate CloudShark with their existing tools or work CloudShark seamlessly into their automation environment.
Use any of the search features of CloudShark
The CloudShark Search API uses the same powerful search capabilities available in the CloudShark user interface. You can search on file detail fields like filename, user/group, and tags or search on packet details like encapsulation, number of packets, and packet rate.
curl -XGET "http://cloudshark/api/v1//search?search[tags]=Boston"
Sort and organize results
Since there’s potentially millions of captures on your CloudShark appliance, the search API needed a way to make sure you get the results you want in the order you want them.
To solve this, the search API returns results in pages. You can specify the number of results per page that will appear, and you can specify the files to be sorted in order of many of the fields you can search on, like file name, upload date, start and end time, or packet size.
Want articles like this delivered right to your inbox?Sign up for our Newsletter
No spam, just good networking.