couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Anderson <jch...@apache.org>
Subject Re: Collaborative Network Forensics
Date Thu, 27 Aug 2009 20:44:41 GMT
On Mon, Aug 24, 2009 at 9:47 PM, kowsik<kowsik@gmail.com> wrote:
> We set out to build pcapr as "packets meet web 2.0". Historically
> packets have been relegated to tools written to be more command-line
> oriented and we wanted to change that. Packets carry a wealth of
> information and nothing better than web 2.0 (which to me is a way of
> interacting and visualizing things in the browser) to bring out the
> best in these little pesky beasts. Pcapr is somewhat unique in that it
> bridges a wide array of folks with very different expertise (jquery,
> javascript, couchdb, network/packet/security geeks, forensics,
> operators and firewall/ips vendors). For the most part people only see
> and interact with the application and are agnostic to the fact that
> it's couchdb.
>
> OTOH, the fact that we use couch is what enables us to very rapidly
> iterate and deliver such sexy applications (I might be biased!)
> without having to worry about schema and joins and such nastiness.
>
> We are mostly using the map/reduce capabilities of couch. As I mention
> it in my JS3 blog, that fact that pcapr is a three-tiered javascript
> app means there's less data translation and less layers and that means
> fast iteration with less things breaking.
>
> For the record, "beam" has been running with 0.4% memory utilization
> for the past 3 months. All view updates and document format changes
> have all been on the fly without bringing anything down. Super cool.
>
> K.
>

Next time there's a CouchDB conference, you'll have to give a
case-study talk! This sounds like good material.

> On Mon, Aug 24, 2009 at 1:25 PM, Chris Anderson<jchris@apache.org> wrote:
>> On Sun, Aug 23, 2009 at 3:00 PM, kowsik<kowsik@gmail.com> wrote:
>>> 15.0 GBytes, 26.3 million packets, contextual search and instant
>>> access to packets, not to mention HN/Twitter-style one-liners attached
>>> to packets and searches for a community oriented forensics
>>> application.
>>>
>>> http://bit.ly/12I62D for the blog and
>>> http://www.pcapr.net/forensics for the app
>>>
>>> Still no sql. :-)
>>
>> This is really cool - thanks for sharing.
>>
>> I'm not so in depth with the network security community - are people
>> who understand this stuff getting into it? Are you taking advantage of
>> the ability to publish data via CouchDB replication?
>>
>> Cheers,
>> Chris
>>
>>>
>>> K.
>>> ---
>>> http://labs.mudynamics.com
>>> http://twitter.com/pcapr
>>>
>>
>>
>>
>> --
>> Chris Anderson
>> http://jchrisa.net
>> http://couch.io
>>
>



-- 
Chris Anderson
http://jchrisa.net
http://couch.io

Mime
View raw message