Wireshark-dev: [Wireshark-dev] Community ID flow hashes in Wireshark
From: Christian Kreibich <christian@xxxxxxxxxxxxx>
Date: Thu, 11 Jul 2019 14:32:42 -0700
Hi folks,

How do people here feel about adding the ability to see Community ID flow hashes in Wireshark? For context, this is a standardized implementation of flow hashing, to simplify linking/pivoting flows across data sets. There's more detail below, including a Python implementation and pointers to projects that currently support (or intend to support) it:

https://github.com/corelight/community-id-spec/

We'd be happy to start working toward this, assuming sufficient interest.

Best,
Christian