What are your log sources? Servers, routers, ids, firewalls?
I don't know of any formula, as device type and environments are the
main driver of how logs are generated. Environments and device
configurations are very dynamic so it's really hard to calculate such
numbers ahead of time.
In my experience, Firewalls log the most events, followed by IDS, then
router, servers, switches, etc.
If you can provide more detail as to what you will be monitoring, maybe
we can help.
Thanks,
-Johnny
> -------- Original Message --------
> Subject: [logs] Calculating events per sec
> From: "Brian Byrne" <bbyrne (at) wareonearth (dot) com [email concealed]>
> Date: Wed, June 06, 2007 6:43 am
> To: <loganalysis (at) loganalysis (dot) org [email concealed]>
>
> Hello all,
>
> Long time listener, first time caller.
>
> I am working on putting together a SIMs package and one bit of info. I
> need
> is to calculate the events per second we expect to get. I don't know if
> there is well known formula for this but I didn't find one in my
> research.
> I was hoping the group could help.
>
> Thanks,
>
> B
>
>
>
> _______________________________________________
> LogAnalysis mailing list
> LogAnalysis (at) loganalysis (dot) org [email concealed]
> http://www.loganalysis.org/mailman/listinfo/loganalysis
What are your log sources? Servers, routers, ids, firewalls?
I don't know of any formula, as device type and environments are the
main driver of how logs are generated. Environments and device
configurations are very dynamic so it's really hard to calculate such
numbers ahead of time.
In my experience, Firewalls log the most events, followed by IDS, then
router, servers, switches, etc.
If you can provide more detail as to what you will be monitoring, maybe
we can help.
Thanks,
-Johnny
> -------- Original Message --------
> Subject: [logs] Calculating events per sec
> From: "Brian Byrne" <bbyrne (at) wareonearth (dot) com [email concealed]>
> Date: Wed, June 06, 2007 6:43 am
> To: <loganalysis (at) loganalysis (dot) org [email concealed]>
>
> Hello all,
>
> Long time listener, first time caller.
>
> I am working on putting together a SIMs package and one bit of info. I
> need
> is to calculate the events per second we expect to get. I don't know if
> there is well known formula for this but I didn't find one in my
> research.
> I was hoping the group could help.
>
> Thanks,
>
> B
>
>
>
> _______________________________________________
> LogAnalysis mailing list
> LogAnalysis (at) loganalysis (dot) org [email concealed]
> http://www.loganalysis.org/mailman/listinfo/loganalysis
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis
[ reply ]