[Oisf-users] Rule Sets

Adnan Baykal abaykal at gmail.com
Sat Mar 15 02:39:04 UTC 2014


Can you guys tell me how many rules you are loading into your Suricata
instance, what kind of hardware (CPU/memory) you have, and how much traffic
you are monitoring?

I have a 6 core single CPU with 16GB RAM - if I am monitoring a 600MB/s
throughput network, how many rules should I be able to load and process?

My NIC is not dropping a single packet; however, when I load about 13K
rules, all the threads are at 100% and the Suricata kernel packet drop goes
over 50%. I am trying to figure out if it is my hardware setup or tuning of
Suricata that is the problem. (I am running PF_RING.)

Any info and help is appreciated.