公开(公告)号：US11100046B2

公开(公告)日：2021-08-24

申请号：US15006075

申请日：2016-01-25

Applicant: International Business Machines Corporation

Inventor： Russell L Couturier ,  Vijay Dheap ,  Derek T Lohnes ,  Ben A Wuest

IPC: G06F16/16 ,  H04L29/06 ,  G06F16/11

Abstract: A method, apparatus and computer program product for selectively storing network traffic data are described. Network traffic is stored according to a first packet filtering policy in a first repository. The stored network traffic is scanned in the first repository according to a second packet filtering policy to identify a subset of network traffic for archiving. The identified subset of network traffic identified by the second packet filtering policy are forensically interesting packets concerning a security issue. The identified subset of network traffic from the first repository is then stored in a second repository.