[Bro] traffic vs log size
Zeolla@GMail.com
zeolla at gmail.com
Mon Sep 25 04:49:15 PDT 2017
My bro sensors are sent about 56TB/day and log around 600GB/day
uncompressed.
Jon
On Sun, Sep 24, 2017, 18:02 Brian Wylie <briford.wylie at gmail.com> wrote:
> Hi All,
>
> I know these questions have lots of variables and 'it depends' but modulo
> that, I'm looking for anecdotal information on the 'data reduction' that
> happens with bro logs.
>
> Example:
> - The tap/span sees 2TBytes of traffic per day.
> - All the bro logs files for that day are approx 4GBytes on disk.
>
> So in this case the log files are giving about a 500x reduction in data.
> Again I know there are lots of factors.. just looking for a few data points
> from folks running Bro on a daily basis. In particular I'd like to get
> numbers for uncompressed log sizes.
>
> Thanks in advance,
> -Bri
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
--
Jon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170925/37525788/attachment.html
More information about the Bro
mailing list