I would like to take a look at how to parse libpcap files in Hadoop. A problem is that the files are not easily ‘splittable’.  However, we can parse PCAP files using Java using PcapDumper (sample code in the distribution’s SVN): data needs to be serialized using protocol buffers. Watch for this patch.