Yes -- every X number of requests over the initial threshold -- a simple if and mod.<br><br><div><span class="gmail_quote">On 12/4/06, <b class="gmail_sendername">Jed Reynolds</b> <<a href="mailto:lists@benrey.is-a-geek.net">
lists@benrey.is-a-geek.net</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Jason Pirkey wrote:<br>> Jed:<br>><br>
> If you are analyizing for attacks, it would be easier to do a real<br>> time analysis with memcached, because at that point you will have the<br>> IP address you are looking for -- do a hit to memcache to get its
<br>> counter and act accordingly (saving it to the database for later<br>> analysis if it hits a certain threshold for instance. This way you<br>> will not have to do scanning of memcache and post processing.<br>
<br>Good idea, Jason, thanks! So if I'm tracking a high volume IP the way to<br>track them is to record their status to database every 1,000 requests<br>(e.g.) and not every request over the threshold.<br><br>Jed<br></blockquote>
</div><br>