[Oisf-devel] how to tune suricata.yaml if I only record http access log with suricata
Martin Holste
mcholste at gmail.com
Thu Sep 15 05:04:47 UTC 2011
Suricata is the wrong tool for that job. Use httpry if you only want to
record http logs.
On Wednesday, September 14, 2011, Delta Yeh <delta.yeh at gmail.com> wrote:
> Hi,
> If I use suricata only to record http access log, that means I
> don't need any IDS signature,
> how to tune suricata.yaml to minimize the memory of suricata and gain
> highest performance.
> For example, how to set detect-engine and mpm-algo ?
>
> BR,
> DeltaY
> _______________________________________________
> Oisf-devel mailing list
> Oisf-devel at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20110915/9651e4ef/attachment-0002.html>
More information about the Oisf-devel
mailing list