Xenoeye Netflow collector muaj, uas tso cai rau koj los sau cov txheeb cais ntawm kev khiav tsheb khiav los ntawm ntau lub network, xa mus siv Netflow v9 thiab IPFIX raws tu qauv, txheej txheem cov ntaub ntawv, tsim cov ntawv ceeb toom thiab tsim cov duab. Tsis tas li ntawd, tus neeg sau tuaj yeem khiav cov ntawv sau kev cai thaum muaj ntau dua. Lub hauv paus ntawm qhov project yog sau rau hauv C, tus lej raug faib raws li daim ntawv tso cai ISC.
Cov Khoom Muag Khoom Muag:
- Cov ntaub ntawv sib sau ua ke los ntawm qhov xav tau Netflow teb raug xa tawm mus rau PostgreSQL. Pre-aggregation tshwm sim nyob rau hauv lub reservoir.
- Tawm ntawm lub thawv, tsuas yog cov txheej txheem ntawm Netflow teb tau txais kev txhawb nqa, tab sis koj tuaj yeem ntxiv yuav luag txhua qhov chaw.
- Kev ua tau zoo ntawm tus neeg sau khoom, nyob ntawm qhov xwm txheej ntawm kev khiav tsheb thiab cov ntawv tshaj tawm, tuaj yeem ncav cuag ntau pua txhiab "ntws ib ob" ntawm ib lub CPU. Tus qauv thauj khoom yog ib lub cuab yeej (router) ib ntws.
- Tus neeg sau khoom siv qhov nruab nrab txav mus los suav cov tsheb khiav ceev.
- Cov neeg sau tuaj yeem siv los tshawb nrhiav cov neeg muaj kab mob (xa email spam, HTTP(S)- dej nyab, SSH scanners), txhawm rau txheeb xyuas qhov tawg sai thaum DoS / DDoS tawm tsam.
- Cov ntaub ntawv qhia txog lub network tuaj yeem pom tau siv cov khoom siv sib txawv: gnuplot, Python scripts + Matplotlib, siv Grafana
- Tsis zoo li ntau cov neeg sau niaj hnub no, qhov project tsis siv Apache Kafka, Elastic, thiab lwm yam, cov kev suav tseem ceeb tshwm sim hauv cov khoom siv nws tus kheej.
Tau qhov twg los: opennet.ru