[Oisf-devel] how to tune suricata.yaml if I only record http access log with suricata
Delta Yeh
delta.yeh at gmail.com
Thu Sep 15 05:20:36 UTC 2011
Thank you for you info.
What I try to do is to test the memory/cpu resource suricata require
w/o signature.
There is some doc on high performance, but there is no doc with empty signature.
2011/9/15 Martin Holste <mcholste at gmail.com>:
> Suricata is the wrong tool for that job. Use httpry if you only want to
> record http logs.
>
> On Wednesday, September 14, 2011, Delta Yeh <delta.yeh at gmail.com> wrote:
>> Hi,
>> If I use suricata only to record http access log, that means I
>> don't need any IDS signature,
>> how to tune suricata.yaml to minimize the memory of suricata and gain
>> highest performance.
>> For example, how to set detect-engine and mpm-algo ?
>>
>> BR,
>> DeltaY
>> _______________________________________________
>> Oisf-devel mailing list
>> Oisf-devel at openinfosecfoundation.org
>> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
>>
More information about the Oisf-devel
mailing list