Closed
Description
In the same spirit as the Preview & Load video doc that was recently added, we should have a Feature Tour video that covers the current state of the pcap workflows the way they exist in modern Zui. This would take the place of how they were covered in the now out-of-date Brim Demo video that used the security use case to walk through many of the major features of the app.
Things to make sure are covered (not a complete list):
- pcap import and how it bypasses Preview & Load
- The Wireshark button for opening flows
- The role of Brimcap
- How to load the Brimcap queries
- A pointer to the Custom Brimcap Config article
- Disclose that we know the current Zeek/Suricata ports are old and that we'd welcome community involvement in updating these