[Oisf-users] Re : Record traffic as soon as a thread is detected

Jean-Michel Pouré jm at poure.com
Fri Sep 29 08:58:26 UTC 2017

Le jeudi 28 septembre 2017 à 15:19 -0700, Cooper F. Nelson a écrit :
> > More generally, what kind of tool except a syslog server to you use
> to
> > study attacks (sorry for this general question) and record traffic
> in a
> > smart way?
> https://github.com/aol/moloch

Moloch seems to rock, but what do you think of Elastic Seach (ES)? I
participated in some PostgreSQL dev and looking at ES, ES looks like
chaos. ES does not even provide authentication.

Why do some guys even **think** about using those old technologies when
PostgreSQL provides all foundations to implement the same features, but
in a real database.

OK, now I gotta ask on the ML if PostgreSQL is in the radar...

More information about the Oisf-users mailing list