Wosonkhanitsa wa Xenoeye Netflow akupezeka, omwe amakulolani kuti mutenge ziwerengero zamagalimoto othamanga kuchokera ku zipangizo zosiyanasiyana zapaintaneti, zomwe zimafalitsidwa pogwiritsa ntchito ndondomeko za Netflow v9 ndi IPFIX, ndondomeko ya deta, kupanga malipoti ndi kupanga ma grafu. Kuonjezera apo, wosonkhanitsa akhoza kuyendetsa zolemba zachizolowezi pamene malire adutsa. Pakatikati pa polojekitiyi idalembedwa mu C, code imagawidwa pansi pa layisensi ya ISC.
Zofunika Zotolera:
- Deta yophatikizidwa ndi magawo ofunikira a Netflow imatumizidwa ku PostgreSQL. Pre-aggregation imachitika mkati mwa mosungira.
- Kuchokera m'bokosilo, magawo oyambira a Netflow amathandizidwa, koma mutha kuwonjezera pafupifupi gawo lililonse.
- Kuchita kwa osonkhanitsa, kutengera mtundu wa magalimoto ndi malipoti, kumatha kufika mazana angapo "kuthamanga pamphindikati" pa CPU imodzi. Njira yogawa katundu ndi chipangizo (rauta) pakuyenda.
- Wosonkhanitsa amagwiritsa ntchito ma avareji osuntha kuti awerengere kuthamanga kwa magalimoto.
- Wosonkhanitsa angagwiritsidwe ntchito kufufuza omwe ali ndi kachilombo (kutumiza sipamu, HTTP (S) -sefukira, ma scanner a SSH), kuti azindikire kuphulika kwadzidzidzi panthawi ya DoS / DDoS.
- Malipoti apakompyuta amatha kuwonedwa pogwiritsa ntchito zida zosiyanasiyana: gnuplot, Python scripts + Matplotlib, pogwiritsa ntchito Grafana
- Mosiyana ndi osonkhanitsa ambiri amakono, polojekitiyi sigwiritsa ntchito Apache Kafka, Elastic, etc., mawerengedwe akuluakulu amachitika mkati mwa wosonkhanitsa yekha.
Source: opennet.ru