What kind of file types can Teleseer analyze?

Teleseer processes network collection files containing 802.3 or 802.11 headers. These files can be one-off collections or can exist within a compressed archive.

In addition to network collection files, Teleseer processes bro/zeek logs, nessus scans, and router configurations.

Network collection files

The following network collection file types are supported:

EXTENSION
.cap
.dmp
.pcap
.pcapng ( including Google Stenographer output )
Cooked PCAPs - "cooked mode" (SSL) packet capture files are not currently supported.

Bro/Zeek

The following bro/zeek log files can be imported into Teleseer:

FILE DESCRIPTION
conn.log IP, TCP, UDP, ICMP connection details
dhcp.log DHCP lease activity
dns.log DNS query/response details
ftp.log FTP request/reply details
http.log HTTP request/reply details
ntp.log NTP request/reply details
sip.log SIP analysis
smtp.log SMTP transactions
ssh.log SSH handshakes
ssl.log SSL handshakes
tunnel.log Details of encapsulating tunnels

It is recommended to use a supported compressed archive file such that all .log files can be ingested at once. Assets created from log files without layer 2 content will appear within the External Hosts tab.

To create logs with layer 2 content, use the following zeek flag: policy/protocols/conn/mac-logging

Example:

$ zeek -C -r maccdc_demo.pcap policy/protocols/conn/mac-logging

For more information on additional support and policies for zeek, see the Zeek Script Index

Supported Formats:
Teleseer currently provides support for the TSV format.
JSON format is not currently supported.

Nessus Scans

The following nessus file can be imported into Teleseer:

FILE DESCRIPTION
.nessus XML-based format

Compressed archives

The following compressed archives are supported:

EXTENSION DESCRIPTION
.bz2 BZIP2 compressed archive
.gz GNU zip compressed archive
.tar Unix Tape Archive File compressed archive
.xz LZMA compressed archive
.zip Lossless data compression archive
Compressed archives should contain one or more of the above-supported file types.
Nested compressed archives are supported.

Firewall/Router Configurations

The following router configurations are supported:

CONFIGURATION
Cisco IOS
Cumulus Linix (ie, Mellanox)
Jumiper JunOS
Fortinet FortiOS
Netgate pfSense
Palo Alto PAN-OS
VMWare NSX (limited support)

Teleseer currently only supports the response bodies from the following NSX API endpoints:

  • /node/configuration for management addresses and gateway routers.
  • /node/network/interfaces for network interface identifiers

TABLE OF CONTENTS
Careers
Terms of Service
Privacy Policy
Contact us
Docs
EOL
Copyright © 2025 All rights reserved.