Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 2002 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Monitoring - Best Practices

ciscoman
Hi,
how is possible to identify the source of peak network usage?

Lets assume your ASG has multiple tasks liky proxy, vpn, mail and other stuff.

Just an example on the external interface:
looking into ASG network usage graphs, you might see a permanent, average network stream between 30-50 Mbps. Sometimes there are peaks with 150 Mbps (10 minutes).

It is now possible to determin the exact date and throughput. You might also be able to find the amount of data of a specific client below the accounting tab.
But, I' nearly blind to see who causes the peaks in the network usage.

http.log, ipsec.log, packetfilter.log does not really help
iftop does only help in real time when your recognize the peaks.

Any tipps?
Thanks
Stefan


This thread was automatically locked due to age.
Parents
  • 0
    I would think the http content filter log would include the Bytes Transferred for each connection.

    If not, your best choice might be to setup a netflow type system; there is lots of free software available.

    IMHO, Astaro should provide more direct access to the accounting database, with an SQL interface if nothing else.

    Barry
Reply
  • 0
    I would think the http content filter log would include the Bytes Transferred for each connection.

    If not, your best choice might be to setup a netflow type system; there is lots of free software available.

    IMHO, Astaro should provide more direct access to the accounting database, with an SQL interface if nothing else.

    Barry
Children
No Data