For me, performing a DDoS on an web application is not a security issue because any data are corrupted nor leaked. Tryton as web application can not do anything to prevent DDoS, this has to be managed at the network level and/or at the server web level. Also your patch doesn't fix any DDoS at all. An attacker will start new connection instead of waiting the 3 seconds. About your metrics, I see no useful metrics. What is the rate of disk space filled? In how must time will a standard disk size be filled? I have the feeling that the log file is growing faster that the database because it is plain text with much more data. I'm pretty sure that running the SQL query I gave when alert about disk space is raised is very enough.
|2016-03-08 19:53:16||ced||set||messageid: <firstname.lastname@example.org>|
|2016-03-08 19:53:16||ced||set||recipients: + bch, yangoon, nicoe, sharkcz, meanmicio, smarro, ajacoutot|
|2016-03-08 19:53:16||ced||link||issue5375 messages|
Showing 10 items. Show all history (warning: this could be VERY long)