On Wed, 2 Nov 2005, Mike McGrath wrote:
-----Original Message-----
From: fedora-list-bounces@xxxxxxxxxx
[mailto:fedora-list-bounces@xxxxxxxxxx] On Behalf Of Justin Zygmont
Sent: Wednesday, November 02, 2005 8:55 PM
To: fedora-list@xxxxxxxxxx
Subject: syslog traffic analyzers

I was wondering if anyone had any recommendations for a
traffic analyzer that will read from a syslog file, and not
just by binding to the network interface in promiscuous mode.
I was hoping to find a program that will show traffic usage
by IP address, many of them just show the total traffic statistics.

I don't know of any way to get network information from a syslog file?
I've used ntop in the past. I believe it had the information you are
looking for but required binding to the network interface and running in
promiscuous mode. If you're looking to monitor network information on a
number of machines on your network that you control, I'd suggest cacti
and SNMP.
http://freshmeat.net/projects/cacti/

Many network appliances allow output to a remote syslog server, so this
would be a file separate from the Linux server's syslog.