[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [hobbit] MSGS from BBWin client goes purple
- To: hobbit (at) hswn.dk
- Subject: Re: [hobbit] MSGS from BBWin client goes purple
- From: "Etienne Grignon" <etienne.grignon (at) gmail.com>
- Date: Wed, 11 Jun 2008 13:36:52 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=Z2V4qux76NSzLZ9v2ZfshBC+VdMAcmd9ssWqSXwNkVc=; b=Mh/uzKcvtLFMQDmJhNddtRtFl+aUFTjRiFF5AQgArY8MrT7k/dFXbe50FPXZMC3L65 FQvvT14QVjaGJd/NKXgfkvc8tYNoJKUj8xRce4znU5U/4gM6pCNYlmVTauGHwF781t0y HYGUP6sDM/OYBrvzzBImqEe+oyENMjNWIEHt0=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=D8NiEWVuyZLaS14Yy8CMztcBOkxmCDlse7xfBVgvD2FZNRozGsUMlhOQfdUNPFvYGx AFViYbPukCLbKwKoEJIjyU4fm4JhzVEvmZav3r1Hme94ZY9Ul+RCjHlBFXRA09hRtMka fptYtLOfcYtjc5pPhjwfWBVL+gK/seMjaKkk4=
- References: <480E3C5E.3070402 (at) redix.com.br> <68e737a10804250844t1074b23p88a69928a3840d2f (at) mail.gmail.com> <48121833.4040202 (at) redix.com.br>
Hi Ricardo,
2008/4/25 Ricardo Alberto Schutz <ricardo (at) redix.com.br>:
> Well, I surely can't count on my fingers how many events are generated every
> minute. But I can say it gets close to 200 security events per second. What
> would result in something about 360k events every 30 minutes.
>
> Hobbit client shouldn't analyze these events and return to the server only
> the matching ones?
>
If you have rules for the security event log, BBWin will parse every
event from the last 30 minutes. So, 360k events takes some time to be
parsed every 5 minutes.
Regards,
--
Etienne GRIGNON