[dns-operations] Taste of future - DSC2
Bedrich Kosata
bedrich.kosata at nic.cz
Wed Aug 17 14:01:24 UTC 2011
Hi Rickard,
we really like PacketQ and we would like to use it in DSC2 as well.
One of the uses would be as a replacement for the collector process,
which would be replaced by a simple pcap dump. The produces pcap file
would then be mined via PacketQ and possibly stored for later use.
A second and more interesting use would be to connect each data point in
DSC with a link to a pcap file and allow the user to go from a selected
data point in DSC directly to PacketQ GUI and examine and incident or
irregularity in more detail.
Such an arrangement would give the user ultimate power to analyze his
data both at the macro and microscopic levels.
I hope that we will soon be able to demonstrate such a functionality in
a live demo.
Best regards
Beda
On 08/17/2011 02:55 PM, Rickard Dahlstrand wrote:
> Hi Ondřej,
>
> Have you had a look at our new tool PacketQ https://github.com/dotse/packetq/wiki , it's really fast for processing PCAP-files offline, eats SQL-queries directly and might give you a more flexible solution for processing the traffic.
>
> We have build a solution the runs statistics on the collected PCAPs every 5 minutes and stores them as .JSON-files. PacketQ can then process these JSON for a day, week, month or year in seconds and feed these using AJAX/JSON to a simple jQuery-GUI.
>
> I recently recorded this screencast to show off some of the capabilities, it's available here: http://www.youtube.com/watch?v=70wJmWZE9tY
>
> Rickard.
>
> 17 aug 2011 kl. 14:42 skrev Ondřej Surý:
>
>> Hi,
>>
>> this is really WIP, but you can taste what we are working here
>> based on the last year discussion on the future of DSC:
>>
>> http://devpub.labs.nic.cz/dsc_ng/test_dygraph/
>>
>> Works best in a modern browser.
>>
>> The graphs there are based on the real data from DSC collector,
>> which are imported into the PostgreSQL database and presented
>> on top of the Django framework (go, go, Python).
>>
>> We plan to implement more eyecandy like graph mashups, and more.
>>
>> It's not the "show the code" quality yet, but we will release
>> the source code to play with in few weeks.
>>
>> O.
>> --
>> Ondřej Surý
>> vedoucí výzkumu/Head of R&D department
>> -------------------------------------------
>> CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
>> Americka 23, 120 00 Praha 2, Czech Republic
>> mailto:ondrej.sury at nic.cz http://nic.cz/
>> tel:+420.222745110 fax:+420.222745112
>> -------------------------------------------
>>
>> _______________________________________________
>> dns-operations mailing list
>> dns-operations at lists.dns-oarc.net
>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>> dns-jobs mailing list
>> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
--
Bedrich Kosata
CZ.NIC Labs <http://labs.nic.cz>
More information about the dns-operations
mailing list