[Bro] traffic vs log size
briford.wylie at gmail.com
Sun Sep 24 14:52:31 PDT 2017
I know these questions have lots of variables and 'it depends' but modulo
that, I'm looking for anecdotal information on the 'data reduction' that
happens with bro logs.
- The tap/span sees 2TBytes of traffic per day.
- All the bro logs files for that day are approx 4GBytes on disk.
So in this case the log files are giving about a 500x reduction in data.
Again I know there are lots of factors.. just looking for a few data points
from folks running Bro on a daily basis. In particular I'd like to get
numbers for uncompressed log sizes.
Thanks in advance,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro