[Oisf-devel] Finding pcap file processing time
Victor Julien
victor at inliniac.net
Fri Jul 4 07:22:34 UTC 2014
On 07/04/2014 09:21 AM, Mahendra Ladhe wrote:
> Hi,
> I compiled Suricata on an x86 Ubuntu 12.04.4 host.
> I ran it on a pcap file as follows.
>
> $ ./suricata -r ~/purplehaze.pcap -k none
> 3/7/2014 -- 14:41:23 - <Notice> - This is Suricata version 2.0.2 RELEASE
> 3/7/2014 -- 14:41:32 - <Warning> - [ERRCODE: SC_ERR_NOT_SUPPORTED(225)]
> - Eve-log support not compiled in. Reconfigure/recompile with libjansson
> and its development files installed to add eve-log support.
> 3/7/2014 -- 14:41:32 - <Notice> - all 4 packet processing threads, 3
> management threads initialized, engine started.
> 3/7/2014 -- 14:41:45 - <Notice> - Signal Received. Stopping engine.
> 3/7/2014 -- 14:41:45 - <Notice> - Pcap-file module read 324711 packets,
> 236414266 bytes
>
> I want to do performance measurement of Suricata using pcap files,
> basically how much time Suricata took to process the given pcap file.
> Doesn't Suricata, like Snort print this info ?
> Does one have to manually calculate the time from the log (copied above) ?
Add -v to your commandline.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-devel
mailing list