[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.0.2-23-g9ec23bd
OISF Git
noreply at openinfosecfoundation.org
Fri Jul 18 12:32:39 UTC 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 9ec23bd59302b296868fd7b72c5f550713f5d62e (commit)
via be1979b2f9df6c7b470906f7275864a9f97bfde2 (commit)
via 6cebe7ef7bafc3fd7b6580f86be831935cd4b906 (commit)
via 923341fa058388275aad7399952c40d2ab2fc884 (commit)
via 4922cd2d3699a2dcb472adee7569894105f14083 (commit)
via bbc8c1ea05fd73a85ddf70869861db09e26c4129 (commit)
via cf4db4793160ad3d9fe10fda4b14ae0a9bb2048f (commit)
via adde58d2cbbc67c5dee520d86bd2d206918822d6 (commit)
via f6c5b1715fb1d65e243fe3c5dec202d27fc975dc (commit)
via 1af2f6528b15c5392921347d0ebd69f994d07349 (commit)
via fd7dd09f4cbbebc9f8cc8887e57c1d79233ce19d (commit)
from ed84c8795ded13524574cc488281c3d1e69c2023 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9ec23bd59302b296868fd7b72c5f550713f5d62e
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jun 10 11:22:15 2014 +0200
pcap log: document multi option
Add yaml documentation for new 'multi' option.
commit be1979b2f9df6c7b470906f7275864a9f97bfde2
Author: Victor Julien <victor at inliniac.net>
Date: Fri Jun 6 16:05:11 2014 +0200
pcap-log: support dynamic file names in multi
When using multi mode, the filename can use a few variables:
%n -- thread number, where the 1st thread has 1, and it increments
%i -- thread id (system thread id, similar to pid)
%t -- timestamp, where seconds or seconds+usecs depends on
the ts-format option.
Example:
filename: filename: pcaps/%n/pcap.%t
This will translate to: pcaps/3/pcap.1256792217 for the 3rd thread.
Note that while it's possible to use directories, they won't be
created. So make sure they exist.
commit 6cebe7ef7bafc3fd7b6580f86be831935cd4b906
Author: Victor Julien <victor at inliniac.net>
Date: Tue Feb 25 17:04:24 2014 +0100
pcap-log: performance optimizations
This patch adds a field 'is_private' to PcapLogData, so that the
using thread knows if it needs to lock access to it or not.
Reshuffle PcapLogData to roughly match order of access.
commit 923341fa058388275aad7399952c40d2ab2fc884
Author: Victor Julien <victor at inliniac.net>
Date: Tue Feb 25 14:43:33 2014 +0100
pcap-log: implement multi mode
This patch implements a new mode in pcap-logging: 'multi'. It stores
a pcap file per logger thread, instead of just one file globally.
This removes lock contention, so it brings a lot more performance.
The trade off is that there are now mulitple files where there would
be one before.
Files have a thread id added to their name: base_name.tid.ts, so by
we have something like: "log.pcap.20057.1254500095".
commit 4922cd2d3699a2dcb472adee7569894105f14083
Author: Victor Julien <victor at inliniac.net>
Date: Tue Feb 25 11:59:05 2014 +0100
pcap-log: introduce PcapLogThreadData
PcapLog uses the global data structure PcapLogData as thread data
as well. This is possible because all operations on it are locked.
This patch introduces PcapLogThreadData. It contains a pointer to
the PcapLogData. Currently to the global instance, but in the future
it may hold a thread-local instance of PcapLogData.
commit bbc8c1ea05fd73a85ddf70869861db09e26c4129
Author: Victor Julien <victor at inliniac.net>
Date: Tue Feb 25 11:45:10 2014 +0100
log-pcap: multi mode yaml parsing
In preparation of the multi file mode, add 'multi' as a value to
the mode.
commit cf4db4793160ad3d9fe10fda4b14ae0a9bb2048f
Author: Victor Julien <victor at inliniac.net>
Date: Tue Feb 25 10:43:23 2014 +0100
log-pcap: lock profiling
Add lock profiling to pcap logging profiling.
commit adde58d2cbbc67c5dee520d86bd2d206918822d6
Author: Victor Julien <victor at inliniac.net>
Date: Wed Jan 8 12:40:30 2014 +0100
log-pcap: improve profiling
Add profiling to a logfile. Default is $log_dir/pcaplog_stats.log
The counters for open, close, rotate, write and handles are written
to it, as well as:
- total bytes written
- cost per MiB
- cost per GiB
Option is disabled by default.
commit f6c5b1715fb1d65e243fe3c5dec202d27fc975dc
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jan 7 13:56:09 2014 +0100
Update log-pcap.h, add license
Clean up log-pcap.h and add the OISF license header.
commit 1af2f6528b15c5392921347d0ebd69f994d07349
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jan 7 13:54:12 2014 +0100
log-pcap code cleanups
Code cleanups to make functions static.
commit fd7dd09f4cbbebc9f8cc8887e57c1d79233ce19d
Author: Victor Julien <victor at inliniac.net>
Date: Mon Jan 6 18:20:28 2014 +0100
profiling: add pcap logger profiling
Tracks: file open, file close, file rotate (which includes open and
close), file write and open handles.
Open handles measures the cost of open the libpcap handles.
-----------------------------------------------------------------------
Summary of changes:
src/log-pcap.c | 619 ++++++++++++++++++++++++++++++++++++++++++++++++------
src/log-pcap.h | 35 ++-
src/suricata.c | 1 +
suricata.yaml.in | 30 ++-
4 files changed, 614 insertions(+), 71 deletions(-)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list