[Oisf-devel] Finding pcap file processing time
Mahendra Ladhe
lml108 at yahoo.com
Fri Jul 4 07:21:26 UTC 2014
Hi,
I compiled Suricata on an x86 Ubuntu 12.04.4 host.
I ran it on a pcap file as follows.
$ ./suricata -r ~/purplehaze.pcap -k none
3/7/2014 -- 14:41:23 - <Notice> - This is Suricata version 2.0.2 RELEASE
3/7/2014 -- 14:41:32 - <Warning> - [ERRCODE: SC_ERR_NOT_SUPPORTED(225)] - Eve-log support not compiled in. Reconfigure/recompile with libjansson and its development files installed to add eve-log support.
3/7/2014 -- 14:41:32 - <Notice> - all 4 packet processing threads, 3 management threads initialized, engine started.
3/7/2014 -- 14:41:45 - <Notice> - Signal Received. Stopping engine.
3/7/2014 -- 14:41:45 - <Notice> - Pcap-file module read 324711 packets, 236414266 bytes
I want to do performance measurement of Suricata using pcap files, basically how much time Suricata took to process the given pcap file.
Doesn't Suricata, like Snort print this info ?
Does one have to manually calculate the time from the log (copied above) ?
Thank you,
Mahendra
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20140704/2ec4beff/attachment.html>
More information about the Oisf-devel
mailing list