Hello, We recently faced an issue where the read traffic on a big Cassandra cluster shot up several times (think more than 20 times).
However, the client team denies sending any huge load and they have their own traffic graphs to prove the same. Assuming the client team's graphs are correct, how do we know the source of traffic? Slow query logging is enabled, but it only logs queries after a certain threshold, so not very helpful. Secondly, we do not know when the incident will re-occur. So how do we solve such a problem and put some monitoring in place that shows the source of such huge spikes when it happens next time? Thinking of trying *lsof -i* and *netstat -tn* commands in a per-minute cron on each server but they only show connections from clients, not how many requests in those connections. Any suggestions on how to go about this? Thanks!