[Oisf-users] Curious problem
Travel Factory S.r.l.
mc8647 at mclink.it
Thu Apr 10 10:01:12 UTC 2014
As you know I'm doing experiments with suricata 2.
A couple of days ago I enabled all the rules I need and every morning
I found suricata only logging UDP packets in eve.json. No TCP traffic
is logged.
Here are 2 consecutive stats, just to show that there are dropped
tcp: http://pastebin.com/qMdhmfZg
I also saw that suricata reached 34.2 GB and since I only have 32,
swap was in use....
After restarting suricata, everything is logged.
I just wanted to let you know...
PS: of course I have to lower some memory settings and then check why
memory increases.