Hello,
Have you guys considered including the option to save a given amount of data upon events (for instance, “first network activity”)? Possibly auto uploading to virustotal? Considering suser and duser like in ra: http://qosient.com/argus/man/man1/ra.1.pdf
I love this app and there is a lot of potential!
Thanks,
Matt
Matt,
Cool idea. We have considered doing something similar but if we sent major traffic to VirusTotal we worried they may get upset with us. Building a little “Upload VirusTotal” button might be OK with them.
Great. Makes sense. Looks like each you can make it so each user would have their own VirusTotal API key. But the ability to capture a given amount of bytes would be very useful.