Mada R Perdhana <[email protected]> writes:

> Does anyone here know the best application for a distributed packet logger,
> which will sniff all packets in the network and log all the packets into a
> database such as Postgres or Oracle? It should be strong enough to handle
> crowded data traffic and it should be open source. I already checked snort and
> preludeIDS, so I need another alternative.

This sounds like the sort of application NetFLOW was built for, since it is
designed to capture and report network traffic to a central source for
processing, including logging.

However, your examples, snort and preludeIDS, are specifically intrusion
detection systems, which NetFLOW isn't aimed at; it is mostly used for flow
monitoring and metrics.

Finally, the ulog-acctd and ulogd tools with Linux can both theoretically dump
packet traces to a database back-end.  If you have sufficient connectivity you
can use that and a network database connection to capture things.

Just watch out that you don't record the database connection itself, causing
traffic to be logged, which in turn causes network traffic...

What are you wanting to do with the details you record, and what do you want
to use them for?

        Daniel
-- 
✣ Daniel Pittman            ✉ [email protected]            ☎ +61 401 155 707
               ♽ made with 100 percent post-consumer electrons
   Looking for work?  Love Perl?  In Melbourne, Australia?  We are hiring.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
