[Discussion] Suricate logs data and then stops after about a minute

• Previous message (by thread): [Discussion] Suricate logs data and then stops after about a minute
• Next message (by thread): [Discussion] Ca I use Suricata in a local network?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

And I forgot to mention I’m using 2.1 beta 2 on CentOS 6.5 with all yum updates (including kernel 2.6).


On Dec 17, 2014, at 3:29 PM, Barkley, Joey <Joey.Barkley at ingramcontent.com<mailto:Joey.Barkley at ingramcontent.com>> wrote:

I’ve built Suricata according to the directions here https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS_64_Installation_(with_unix_socket_geoip_profiling_and_MD5_features).

Once done, I can get suricata configured with oinkmaster and it starts up. I’m logging to eve.json. I get about a minute’s worth of data and then it just stops. One core of the system is at 100%. RAM usage is at 16GB of 256GB available. System has 32 available cores.

Can anyone help me? I turned off flow and netflow just to make sure those weren’t slowing it down. There appear to be no errors in the suricata.log file.

Thanks,
Joey
_______________________________________________
Discussion mailing list
Discussion at lists.openinfosecfoundation.org<mailto:Discussion at lists.openinfosecfoundation.org>
https://lists.openinfosecfoundation.org/mailman/listinfo/discussion

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/discussion/attachments/20141217/92c1a0fa/attachment-0002.html>

• Previous message (by thread): [Discussion] Suricate logs data and then stops after about a minute
• Next message (by thread): [Discussion] Ca I use Suricata in a local network?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]