[Oisf-users] Suricata Dag Users
Marcos Rodriguez
marcos.e.rodriguez at gmail.com
Mon Aug 27 17:41:12 UTC 2012
On Mon, Aug 27, 2012 at 6:57 AM, Victor Julien <victor at inliniac.net> wrote:
> On 08/24/2012 06:44 PM, Marcos Rodriguez wrote:
> > Hi Everyone,
> >
> > Hope all is well! I have a question in regards to the
> source-erf-dag.c:534:
> >
> > [30919] 24/8/2012 -- 12:40:32 - (source-erf-dag.c:534) <Info>
> > (ReceiveErfDagThreadExitStats) -- Packets: 69313156; Bytes: 47785511412
> >
> > It would be nice if the drops were calculated for that output. Is this
> > possible? I currently just use dagconfig | grep drop_count to ensure
> > I'm not dropping. Should I just continue that, or could that be added
> > in the stats when Suri's done running? Thanks for your insight!
>
> If it's possible it's not immediately clear to me how. Hopefully one of
> the Endace guys can comment!
>
> Cheers,
> Victor
>
> Thanks, Victor! I totally forgot to add a point of reference using pcap:
[1547] 27/8/2012 -- 13:43:52 - (source-pcap.c:580) <Info>
(ReceivePcapThreadExitStats) -- (RxPcapeth11) Pcap Total:16 Recv:16 Drop:0
(0.0%).
I just thought it would add nice consistency across all supported sniffing
mediums. Thanks again, and I'm all ears, or eyes, if you will. :o)
marcos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120827/74c4f6b0/attachment-0002.html>
More information about the Oisf-users
mailing list