search

rixed / ramen

A stream processing language and compiler for small-scale monitoring
Other
14 stars 4 forks source link

Default configuration for Port scan and IP scan detector #196

Closed rixed closed 6 years ago

rixed commented 6 years ago

Also, move the DDoS detector into examples/programs/monitoring

rixed commented 6 years ago

depends on #236 for making use of netflow tcp_flag fields.

rixed commented 6 years ago

Also depends on #237 for selecting the top clients in the port scanner detector.