That’s really neat. One of my long-term-roadmap things is to have a small program operators can run that’ll use pcap (for example) to capture ntp packets and do analytics on them.
Optionally it could also send summary data or sampled data to a central service that could process the data similarly to what you did with Grafana.
How are you storing the data to do the visualization?