[Oisf-users] Monitoring stats log file (with Zabbix) to measure impact of fine-tuning config file

Victor Julien lists at inliniac.net
Thu Nov 14 14:53:56 UTC 2013


On 11/14/2013 02:00 PM, Christophe Vandeplas wrote:
> For quite some time I've been facing performance and configuration
> challenges with Suricata. One of my frustrations was that I could
> barely measure the results of configuration changes I made, especially
> because sometimes it takes hours before "things go wrong". Looking at
> the stats.log file manually didn't really seem practical so I wanted
> to integrate this in my monitoring tool to be able to plot graphs.
> 
> For this I needed to write a script that consolidated the stats.log
> output, as counters are unique per thread it's kinda annoying to have
> 8 counters for the same thing if you're running with 8 threads like
> me.
> 
> The script itself might be useful for anyone wanting to feed the
> stats.log to another tool.
> 
> You'll find the story here:
> http://christophe.vandeplas.com/2013/11/suricata-monitoring-with-zabbix-or-other.html
> 
> And the script and Zabbix configuration here:
> https://github.com/cvandeplas/suricata_stats
> 
> The Zabbix XML template is not yet complete (still missing some
> counters) but I'll do my best to add them later.
> 
> Hope it's useful for others.

Very cool. Thanks for sharing, Christophe.

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
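
Added example, not part of the original thread and not the suricata_stats script linked above: a minimal sketch of the per-thread consolidation described in the quoted message. It assumes the "Counter | TM Name | Value" layout of stats.log and that counters are cumulative since engine start; the sample log, thread names and values are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the "Counter | TM Name | Value" layout of stats.log;
# thread names and values are invented for illustration.
SAMPLE = """\
-------------------------------------------------------------------
Date: 11/14/2013 -- 13:00:00 (uptime: 0d, 01h 00m 00s)
-------------------------------------------------------------------
Counter                   | TM Name                   | Value
-------------------------------------------------------------------
capture.kernel_packets    | AFPacketeth01             | 1000
capture.kernel_packets    | AFPacketeth02             | 1500
capture.kernel_drops      | AFPacketeth01             | 0
capture.kernel_drops      | AFPacketeth02             | 10
-------------------------------------------------------------------
Date: 11/14/2013 -- 13:00:08 (uptime: 0d, 01h 00m 08s)
-------------------------------------------------------------------
Counter                   | TM Name                   | Value
-------------------------------------------------------------------
capture.kernel_packets    | AFPacketeth01             | 4000
capture.kernel_packets    | AFPacketeth02             | 6500
capture.kernel_drops      | AFPacketeth01             | 50
capture.kernel_drops      | AFPacketeth02             | 160
"""

ROW = re.compile(r"^(\S+)\s*\|\s*([^|]*?)\s*\|\s*(\d+)\s*$")

def parse_dumps(text):
    """Return one {counter: value summed over threads} dict per stats dump."""
    dumps = []
    for line in text.splitlines():
        if line.startswith("Date:"):
            dumps.append(defaultdict(int))   # a new dump starts here
            continue
        m = ROW.match(line)
        if m and dumps:                      # header and separator rows do not match
            dumps[-1][m.group(1)] += int(m.group(3))
    return dumps

def interval_drop_percent(dumps):
    """Drop rate between the last two dumps (assumes cumulative counters)."""
    if len(dumps) < 2:
        return None
    prev, cur = dumps[-2], dumps[-1]
    pkts = cur["capture.kernel_packets"] - prev["capture.kernel_packets"]
    drops = cur["capture.kernel_drops"] - prev["capture.kernel_drops"]
    return 100.0 * drops / pkts if pkts > 0 else None  # None: restart or idle link

if __name__ == "__main__":
    d = parse_dumps(SAMPLE)
    print(dict(d[-1]), interval_drop_percent(d))
```

Summing is only meaningful for counters that accumulate per thread; gauge-style values such as memory use would need a different aggregation.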



