[Oisf-users] Re : Record traffic as soon as a thread is detected
Jean-Michel Pouré
jm at poure.com
Fri Sep 29 08:58:26 UTC 2017
On Thursday, 28 September 2017 at 15:19 -0700, Cooper F. Nelson wrote:
> > More generally, what kind of tool except a syslog server do you use to
> > study attacks (sorry for this general question) and record traffic in a
> > smart way?
>
> https://github.com/aol/moloch
Moloch seems to rock, but what do you think of Elastic Search (ES)? I
participated in some PostgreSQL dev and looking at ES, ES looks like
chaos. ES does not even provide authentication.
Why do some guys even **think** about using those old technologies when
PostgreSQL provides all the foundations to implement the same features, but
in a real database?
OK, now I gotta ask on the ML if PostgreSQL is on the radar...