[Oisf-devel] how to tune suricata.yaml if I only record http access log with suricata

Martin Holste mcholste at gmail.com
Thu Sep 15 05:04:47 UTC 2011


Suricata is the wrong tool for that job.  Use httpry if you only want to
record http logs.

On Wednesday, September 14, 2011, Delta Yeh <delta.yeh at gmail.com> wrote:
> Hi,
>  If  I use suricata only to record http  access log, that means I
> don't need any IDS signature,
> how to tune suricata.yaml to minimize the memory  of suricata and gain
> highest performance.
>  For example, how to set detect-engine  and mpm-algo ?
>
> BR,
> DeltaY
> _______________________________________________
> Oisf-devel mailing list
> Oisf-devel at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20110915/9651e4ef/attachment-0002.html>


More information about the Oisf-devel mailing list