packetq
Description:
SQL-like frontend to PCAP files
Type: Formula  |  Tracked Since: Dec 28, 2025
Links: Homepage  |  formulae.brew.sh
Category: Networking
Tags: networking pcap sql analysis packet-sniffer
Install: brew install packetq
About:
PacketQ is a command-line tool that provides a SQL-like interface for querying and analyzing network packet data from PCAP files. It allows users to filter, aggregate, and manipulate packet metadata using standard SQL syntax, making complex network analysis tasks more accessible. The tool outputs results in various formats, facilitating automated processing and detailed traffic inspection.
Key Features:
  • SQL-based query language for packet data
  • Supports standard PCAP and PCAPng file formats
  • High-performance processing of large capture files
  • Flexible output formatting (CSV, JSON, etc.)
Use Cases:
  • Extracting specific traffic patterns from large network captures
  • Generating statistical reports on protocol usage or top talkers
  • Automating network forensics and security analysis workflows
Alternatives:
  • tshark – tshark is part of the Wireshark suite and offers more extensive protocol decoding, but PacketQ provides a more intuitive SQL interface for data aggregation and filtering.
  • tcpdump – tcpdump is a standard tool for live capture and basic filtering, whereas PacketQ excels at post-capture analysis using complex queries on stored data.