Hello, We need to log traffic for law purposes and store it somewhere (data retention required in EU). In past we were doing it on our Linux boxes while making QoS. Now we wanted to try it with nprobe and netflow.
I can think of two approaches: - do it in nprobe and dump flows to text files, but - what about perfromance and also can we filter them to only include TCP established sessions? - do it in nfdump on collector side, but it is very low performance, it takes about 40 minutes to parse one day flows (about 15 to 18 gigs of nfcapd files) Any other ideas? :) Thanks! -- Michał Margula, [email protected], http://alchemyx.uznam.net.pl/ "W życiu piękne są tylko chwile" [Ryszard Riedel] _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
