【NetEyez Use Case #4】Huge Traffic at nighttime
〈Incident Description〉
At Company A, the network administrator was examining the traffic statistics of the Internet gateway with MRTG (Multi Router Traffic Grapher) and noticed abnormal traffic one night: an unusually high volume of traffic was being transmitted from the internal network to the Internet.
From around 9:00 PM until the next morning at 9:00 AM, the upstream traffic consistently remained at or near the bandwidth limit (100 Mbps), as indicated by the green graph.
〈Cause Investigation〉
Using NetEyez, the Internet communication during the relevant time frame on the specified day was investigated. Dragging the mouse over the trend graph of the number of communicating IP hosts to select the time range showed approximately 1 TB of communication from a host named UPLOAD_SERVER during that period.
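The same time-window drill-down can be reproduced over exported per-host traffic records. The script below is an added example, not NetEyez code or output: the record layout (timestamp, source host, bytes sent), the 5-minute interval, the 80% threshold, the date, and the hosts PC-01 and PC-02 are assumptions made up for illustration. It ranks internal hosts by bytes sent to the Internet in the selected window and reports how much of the window each host alone kept the 100 Mbps uplink busy.

```python
from collections import defaultdict
from datetime import datetime, timedelta

LINK_BPS = 100_000_000         # 100 Mbps uplink, from the incident description
BUCKET = timedelta(minutes=5)  # assumed export interval of the traffic records

def top_uploaders(flows, start, end, link_bps=LINK_BPS, busy=0.8):
    """Rank hosts by bytes sent to the Internet in [start, end).

    flows: iterable of (timestamp, src_host, bytes_out) records.
    Returns (host, total_bytes, saturated_fraction) tuples, largest first,
    where saturated_fraction is the share of buckets in the window in which
    this host alone used at least `busy` of the link capacity.
    """
    total = defaultdict(int)
    per_bucket = defaultdict(lambda: defaultdict(int))
    for ts, host, nbytes in flows:
        if start <= ts < end:              # window may cross midnight
            total[host] += nbytes
            per_bucket[host][(ts - start) // BUCKET] += nbytes
    n_buckets = (end - start) // BUCKET
    cap = link_bps / 8 * BUCKET.total_seconds()   # bytes the link carries per bucket
    report = []
    for host, nbytes in total.items():
        hot = sum(1 for b in per_bucket[host].values() if b >= busy * cap)
        report.append((host, nbytes, hot / n_buckets))
    return sorted(report, key=lambda r: r[1], reverse=True)

def sample_flows():
    """Constructed sample: 21:00 to 09:00 the next day, one record per bucket."""
    start = datetime(2024, 1, 10, 21, 0)          # constructed date
    flows = []
    for i in range(144):                          # 12 h of 5-minute buckets
        ts = start + i * BUCKET
        flows.append((ts, "UPLOAD_SERVER", 3_375_000_000))  # 90% of the link
        if i % 12 == 0:
            flows.append((ts, "PC-01", 20_000_000))         # hypothetical workstation
    flows.append((start - BUCKET, "PC-02", 900_000_000))    # outside the window
    return start, start + timedelta(hours=12), flows

if __name__ == "__main__":
    start, end, flows = sample_flows()
    for host, nbytes, frac in top_uploaders(flows, start, end):
        print(f"{host:15s} {nbytes / 1e9:8.1f} GB  saturated {frac:.0%} of window")
```

A host that tops the byte ranking and also saturates the link for most of the window is the one to follow up with its owner, as was done here.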
〈Solution〉
A Large-scale File Upload to a Cloud Server by Automated Processes
An interview was conducted with the person in charge of UPLOAD_SERVER, the host generating the significant traffic.
The personnel used automated processes during the evening to run a large-scale file upload from the on-premises UPLOAD_SERVER to a cloud server on the Internet. However, an error occurred midway through the process and caused repeated retries, and the processing had still not completed by the next morning. The personnel therefore decided to halt the upload process at that point.
Because this incident occurred during the night, it did not have a significant impact on the tasks of other employees. However, the personnel were advised to take care in similar future tasks to avoid such issues.