Volumes of Network metadata

So I'm doing a firewall ruleset review for a customer and decide to create a toy database just to play around with some queries on the logs...~55 million rows and 19G later...this is why people who ask for full event correlation usually don't know what they're asking for. The volumes of data involved are large. And I'm not not talking about session captures above. That's just "this ip address tried talking to this ip address on this udp port and was dropped on this interface of this firewall at this time"...On the plus side, iPods are now up to 80G!

powered by performancing firefox