How many days of network traffic should the log file include?


Skyfence Cloud Discovery tool can analyze multiple log files from small to a very large in size.  There is no specific rule to have a specific size file, but it is always better to have a log file spanning at least a week to a month or more and consists of good distribution of user traffic within it. It is difficult to predict such distribution, but better to avoid log files obtained when many in the company is on an offsite meeting or conference.  

User traffic is usually contained in logs of security devices like firewall, proxy/web proxy, network security monitors such as ids, etc.  Hence it is recommended to work with network administrators who manage them to export traffic logs to .csv or table formatted files with specific fields which will be useful for analysis.

Have more questions? Submit a request


Powered by Zendesk