From e3c3647a7eafed1ace1a9936227b8c9042dea396 Mon Sep 17 00:00:00 2001 From: Yaro Kasear Date: Mon, 21 Apr 2025 12:55:33 -0500 Subject: [PATCH] Add packet count tracking to SSID metrics in analyze_pcap function --- enrich.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/enrich.py b/enrich.py index 9a6d8af..6fff254 100755 --- a/enrich.py +++ b/enrich.py @@ -305,6 +305,7 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel): ssid_to_bssids = defaultdict(set) bssid_to_ssid = {} cisco_reported_clients = [] + ssid_packet_counts = defaultdict(int) try: # Filter packets manually by timestamp @@ -374,7 +375,7 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel): if ssid: ssid_hidden_status[ssid] = hidden_ssid - + ssid_packet_counts[ssid] += 1 # Cisco Client Count if tag_number == '133': @@ -430,7 +431,8 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel): 'Min_Signal': min(signals) if signals else 0, 'Clients_Seen': len(ssid_clients.get(ssid, [])), 'CiscoAvgClients': round(mean(cisco_reported_clients), 2) if cisco_reported_clients else 0, - 'CiscoMaxClients': max(cisco_reported_clients) if cisco_reported_clients else 0 + 'CiscoMaxClients': max(cisco_reported_clients) if cisco_reported_clients else 0, + 'PacketCount': ssid_packet_counts[ssid] }) finally: @@ -516,7 +518,7 @@ def main(): with open(ssid_outfile, 'w', newline='', encoding='utf-8') as f: fieldnames = [ 'SSID', 'Hidden', 'Open', 'BSSID_Count', 'BSSIDs', 'Avg_Signal', 'Max_Signal', - 'Min_Signal', 'Clients_Seen', 'CiscoAvgClients', 'CiscoMaxClients' + 'Min_Signal', 'Clients_Seen', 'CiscoAvgClients', 'CiscoMaxClients', 'PacketCount' ] ssid_writer = csv.DictWriter(f, fieldnames=fieldnames) ssid_writer.writeheader()