[Bro] traffic vs log size
Brian Wylie
briford.wylie at gmail.com
Sun Sep 24 14:52:31 PDT 2017
Hi All,
I know these questions have lots of variables and 'it depends' but modulo
that, I'm looking for anecdotal information on the 'data reduction' that
happens with bro logs.
Example:
- The tap/span sees 2TBytes of traffic per day.
- All the bro logs files for that day are approx 4GBytes on disk.
So in this case the log files are giving about a 500x reduction in data.
Again I know there are lots of factors.. just looking for a few data points
from folks running Bro on a daily basis. In particular I'd like to get
numbers for uncompressed log sizes.
Thanks in advance,
-Bri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170924/9e416e75/attachment.html
More information about the Bro
mailing list