Abstract:
As sophisticated attacks continue to increase, attack analysis technologies are becoming more important. Attack analysis first requires collecting attack-related information or data. Attackers, however, make an effort to remove every trace of their activity that they can find and also adopt anti-forensic techniques, so it is difficult to collect sufficient information for attack analysis. Network traffic is a good candidate for further analysis: the attackers cannot delete it after the fact, and it contains a great deal of information about what they were doing. However, network traffic is volatile and exists only while it is being transmitted, so packets must be recorded in real time as they pass by. Moreover, the volume of traffic is very large, so it must be captured and stored on a mass storage device. For this purpose we propose TRIG, a Traffic storing and Related Information Generation system for cyberattack analysis, which can store 20 Gbps of network traffic in real time and simultaneously generate various traffic-related information for further analysis.
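The abstract describes a single-pass design: every packet is written to storage as it arrives, and traffic-related information is derived from it at the same time. The following Python example, added here and not taken from the paper or the TRIG system, shows that pattern at small scale on a constructed in-memory pcap stream. It assumes that "related information" means per-flow 5-tuple records (packet and byte counts, first and last timestamp); the paper does not say which information TRIG generates, so that choice is an assumption. The sample packets, addresses and ports are constructed for the example.

```python
import struct
from collections import defaultdict
from io import BytesIO

PCAP_MAGIC = 0xA1B2C3D4
ETH_IPV4 = 0x0800
PROTO_TCP, PROTO_UDP = 6, 17


def build_packet(src, dst, proto, sport, dport, payload):
    """Constructed Ethernet/IPv4/TCP-or-UDP frame (checksums left at zero)."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + struct.pack("!H", ETH_IPV4)
    if proto == PROTO_TCP:
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    total = 20 + len(l4) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return eth + ip + l4 + payload


def build_pcap(packets):
    """Wrap raw frames in a little-endian pcap stream, one second apart."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
    for i, pkt in enumerate(packets):
        out += struct.pack("<IIII", 1_600_000_000 + i, 0, len(pkt), len(pkt)) + pkt
    return out


def iter_records(data):
    """Yield (ts_sec, record_bytes, frame) for each pcap record; handles both byte orders."""
    magic, = struct.unpack_from("<I", data, 0)
    endian = "<" if magic == PCAP_MAGIC else ">"
    off = 24
    while off + 16 <= len(data):
        ts_sec, _ts_usec, incl_len, _orig_len = struct.unpack_from(endian + "IIII", data, off)
        record = data[off:off + 16 + incl_len]
        yield ts_sec, record, record[16:]
        off += 16 + incl_len


def flow_key(frame):
    """5-tuple for IPv4 TCP/UDP frames; None for anything else (e.g. ARP)."""
    if len(frame) < 34 or struct.unpack_from("!H", frame, 12)[0] != ETH_IPV4:
        return None
    ihl = (frame[14] & 0x0F) * 4
    proto = frame[23]
    src = ".".join(map(str, frame[26:30]))
    dst = ".".join(map(str, frame[30:34]))
    l4 = 14 + ihl
    if proto in (PROTO_TCP, PROTO_UDP) and len(frame) >= l4 + 4:
        sport, dport = struct.unpack_from("!HH", frame, l4)
    else:
        sport = dport = 0
    return (src, dst, proto, sport, dport)


def store_and_summarize(data, sink):
    """Single pass over the capture: copy every record to `sink` (the mass-storage
    stand-in) and build per-flow counters from the same bytes at the same time."""
    flows = defaultdict(lambda: {"packets": 0, "bytes": 0, "first": None, "last": None})
    sink.write(data[:24])  # keep the global header so the stored file stays a valid pcap
    for ts, record, frame in iter_records(data):
        sink.write(record)
        key = flow_key(frame)
        if key is None:
            continue  # stored, but not IPv4 TCP/UDP, so no flow record
        f = flows[key]
        f["packets"] += 1
        f["bytes"] += len(frame)
        f["first"] = ts if f["first"] is None else f["first"]
        f["last"] = ts
    return dict(flows)


# Constructed sample: one short HTTP-like TCP flow, one DNS-like UDP packet, one ARP frame.
SAMPLE_PCAP = build_pcap([
    build_packet("10.0.0.1", "10.0.0.2", PROTO_TCP, 40000, 80, b"GET / HTTP/1.0\r\n"),
    build_packet("10.0.0.1", "10.0.0.2", PROTO_TCP, 40000, 80, b"Host: x\r\n"),
    build_packet("10.0.0.3", "10.0.0.4", PROTO_UDP, 5353, 53, b"dnsq"),
    bytes.fromhex("ffffffffffff" + "66778899aabb" + "0806") + bytes(28),
    build_packet("10.0.0.1", "10.0.0.2", PROTO_TCP, 40000, 80, b"\r\n"),
])


def summarize_sample():
    """Run the single pass on the constructed capture; returns (flow table, bytes stored)."""
    sink = BytesIO()
    flows = store_and_summarize(SAMPLE_PCAP, sink)
    return flows, len(sink.getvalue())


if __name__ == "__main__":
    flows, stored = summarize_sample()
    print(f"stored {stored} bytes, {len(flows)} flows")
    for key, f in flows.items():
        print(key, f)
```

The point of the single loop is that the raw bytes are written before any parsing decision is made, so a frame the parser cannot classify (the ARP frame here) is still preserved for later analysis; a real 20 Gbps deployment would need a zero-copy capture path and a much faster flow table, but the ordering of "store first, derive second" is the same.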
Published in: 2016 International Conference on Information and Communication Technology Convergence (ICTC)
Date of Conference: 19-21 October 2016
Date Added to IEEE Xplore: 05 December 2016