[netsa-tools-discuss] More beginner questions
Keith Miller
orekdm at gmail.com
Fri Sep 19 15:20:37 EDT 2014
Greetings,
We've definitely decided to start utilizing your ecosystem, but have a few
questions.
Is there a native way to ingest sFlow records, or will I need to use a tool
like sflowtool to convert them to PCAP before feeding to yaf as a file?
Is there any documentation about the practical limits of Analysis Pipeline
and watchlist scalability? My initial target is to monitor for 200K ip's
with an initial rate of 50MB/s peak. But is there anything that would
stop me from scaling that up to millions of IP's at 1GB/s?
Last, are there any reference architectures available that speak to HA
deployments at the aforementioned scales?
Thanks in advance!
Keith Miller
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the netsa-tools-discuss
mailing list