KismetDB
If the KismetDB log is enabled, Kismet exposes historic, searchable data.
If KismetDB logging is not enabled, these endpoints will not be available and will return an error.
Historic packets
When the kismetdb log type is enabled, fetch packets which match the filter statement from
the logfile.
Returns a PCAP-NG format stream of packets.
/logging/kismetdb/pcap/{TITLE}.pcapngGET
POSTPARAMETERS
TITLE
string
REQUIREDArbitrary file name
filter
multipleMultiple filter options
PARAMETERS
This endpoint takes additional parameters by using a `POST` request and supplying a
JSON document or json form variable.
You can find more information about API parameters here.
filter
multiple
OPTIONALMultiple filter options
The filter options can be passed as individual arguments on the GET URI, as URI-encoded
variables (ie /logging/kismetdb/pcap/foo.pcapng?datasource=...&foo=...&bar=...), or passed
as a JSON command dictionary as a POST request.
Filters function as an AND statement: To match a packet, it must match all filter
terms.
Time window
Restrict packets by a timeframe which can be either bounded (both start and end times specified) or open-ended (only start or end specified)
timestamp_start
number
OPTIONALPosix timestamp with optional double precision as seconds.microseconds
timestamp_end
number
OPTIONALPosix timestamp with optional double precision as seconds.microseconds
Datasource
Limit packets to a specific datasource, by datasource UUID
datasource
string
OPTIONALDatasource UUID
Device key
Packets to, from, or otherwise associated with, the specified device.
device_id
string
OPTIONALKismet device key
Data link type
Match a specific data link type (DLT). This numeric DLT matches the libpcap link types and describes the physical frame type of the packet.
dlt
number
OPTIONALPCAP DLT value
Frequency
Match a specific, bounded, or open-ended frequency rage.
frequency
number
OPTIONALNatch a single frequency in KHz
frequency_min
number
OPTIONALMininum frequency, in KHz
frequency_max
number
OPTIONALMaximum frequency, in KHz
Signal
Match a bounded or open-ended window of signal levels.
Packets with no signal level are considered to have a signal level of 0.
signal_min
number
OPTIONALMinimum signal level
signal_max
number
OPTIONALMaximum signal level
Device MAC addresses
Match by MAC address, if available.
address_source
string
OPTIONALSource MAC address
address_dest
string
OPTIONALDestination MAC address
address_trans
string
OPTIONALTransmitter MAC aaddress (such as the AP BSSID on Wi-Fi)
Location
Filter by a bounded location of rectangular minimum and maximum coordinates.
Coordinates are decimal degrees in floating point format (123.456789).
location_lat_min
number
OPTIONALMinimum latitude
location_lon_min
number
OPTIONALMinimum longitude
location_lat_max
number
OPTIONALMaximum latitude
location_lon_min
number
OPTIONALMaximum longitude
Packet size
Match a bounded or unbounded packet size window.
size_min
number
OPTIONALMinimum packet size, in bytes
size_max
number
OPTIONALMaximum packet size, in bytes
Tags
tag
string
OPTIONALPacket tag to match
Limit
Limit the number of packets returned.
limit
number
OPTIONALReturn at most limit packets
Deleting packets
Delete all packets before drop_before from the KismetDB log.
On very long-running Kismet processes, this can be used to prevent the kismetdb from becoming unmanageable while retaining packet history, for instance by fetching all packets using the historic packet endpoint, then removing them from the kismetdb log.
/logging/kismetdb/pcap/drop.cmdPOSTPARAMETERS
This endpoint takes additional parameters by using a `POST` request and supplying a
JSON document or json form variable.
You can find more information about API parameters here.
drop_before
OPTIONAL