|
Network Analytics: Data Acquisition | Data Mining | Security | Visualization Data AcquisitionNumerous points in and around LANL's networks are used to continuously monitor network activity. Flow records are assembled into logs by collecting summary information from routers (cflowd), and by processing packet captures from specialized tap points (NetHead). These flow logs store basic summary information about each network session as unformatted text. LANL's System for Modular Analysis and Continuous Query (SMACQ) provides an efficient interface for making ad-hoc, simple, or relational queries and extracting data from these unindexed files. |