17 lines
831 B
Plaintext
17 lines
831 B
Plaintext
|
Aguri is an aggregation-based traffic profiler targeted for
|
||
|
|
near real-time, long-term, and wide-area traffic monitoring.
|
||
|
|
Aguri adapts itself to spatial traffic distribution by
|
||
|
|
aggregating small volume flows into aggregates, and achieves
|
||
|
|
temporal aggregation by creating a summary of summaries applying
|
||
|
|
the same algorithm to its outputs.
|
||
|
|
A set of scripts are used for archiving and visualizing summaries
|
||
|
|
in different time scales. Aguri does not need a predefined rule
|
||
|
|
set and is capable of detecting an unexpected increase of unknown
|
||
|
|
protocols or DoS attacks, which considerably simplifies the task
|
||
|
|
of network monitoring.
|
||
|
|
|
||
|
|
Aguri monitors network traffic using libpcap(3), and produces a
|
||
|
|
summary when it receives a HUP signal. Periodic summaries can be
|
||
|
|
obtained by sending HUP signals from cron(8) to the running aguri
|
||
|
|
program.
|