[Oisf-users] (no subject)

Travel Factory S.r.l. mc8647 at mclink.it
Mon Mar 24 11:23:47 UTC 2014 

> You can check stats.log for more clues.
> 


I post the stats for one core and for flow. Please note that 
capture.kernel_drops increases during suricata startup and then 
increases no more.
I see nothing strange in it but I'm not an expert...


capture.kernel_packets    | AFPacketeth78             | 39271544
capture.kernel_drops      | AFPacketeth78             | 47434
decoder.pkts              | AFPacketeth78             | 39224023
decoder.bytes             | AFPacketeth78             | 25794797258
decoder.ipv4              | AFPacketeth78             | 39220226
decoder.ipv6              | AFPacketeth78             | 4216
decoder.ethernet          | AFPacketeth78             | 39224023
decoder.raw               | AFPacketeth78             | 0
decoder.sll               | AFPacketeth78             | 0
decoder.tcp               | AFPacketeth78             | 38709446
decoder.udp               | AFPacketeth78             | 468016
decoder.sctp              | AFPacketeth78             | 0
decoder.icmpv4            | AFPacketeth78             | 21664
decoder.icmpv6            | AFPacketeth78             | 2168
decoder.ppp               | AFPacketeth78             | 0
decoder.pppoe             | AFPacketeth78             | 0
decoder.gre               | AFPacketeth78             | 0
decoder.vlan              | AFPacketeth78             | 0
decoder.teredo            | AFPacketeth78             | 374
decoder.ipv4_in_ipv6      | AFPacketeth78             | 0
decoder.ipv6_in_ipv6      | AFPacketeth78             | 0
decoder.avg_pkt_size      | AFPacketeth78             | 658
decoder.max_pkt_size      | AFPacketeth78             | 1514
defrag.ipv4.fragments     | AFPacketeth78             | 188
defrag.ipv4.reassembled   | AFPacketeth78             | 61
defrag.ipv4.timeouts      | AFPacketeth78             | 0
defrag.ipv6.fragments     | AFPacketeth78             | 0
defrag.ipv6.reassembled   | AFPacketeth78             | 0
defrag.ipv6.timeouts      | AFPacketeth78             | 0
defrag.max_frag_hits      | AFPacketeth78             | 0
tcp.sessions              | AFPacketeth78             | 213079
tcp.ssn_memcap_drop       | AFPacketeth78             | 0
tcp.pseudo                | AFPacketeth78             | 4311
tcp.invalid_checksum      | AFPacketeth78             | 0
tcp.no_flow               | AFPacketeth78             | 0
tcp.reused_ssn            | AFPacketeth78             | 10
tcp.memuse                | AFPacketeth78             | 1840000000
tcp.syn                   | AFPacketeth78             | 448996
tcp.synack                | AFPacketeth78             | 425954
tcp.rst                   | AFPacketeth78             | 44414
tcp.segment_memcap_drop   | AFPacketeth78             | 0
tcp.stream_depth_reached  | AFPacketeth78             | 1
tcp.reassembly_memuse     | AFPacketeth78             | 612577353
tcp.reassembly_gap        | AFPacketeth78             | 5901
detect.alert              | AFPacketeth78             | 60

flow_mgr.closed_pruned    | FlowManagerThread         | 3249197
flow_mgr.new_pruned       | FlowManagerThread         | 466734
flow_mgr.est_pruned       | FlowManagerThread         | 787118
flow.memuse               | FlowManagerThread         | 7433952
flow.spare                | FlowManagerThread         | 11109
flow.emerg_mode_entered   | FlowManagerThread         | 0
flow.emerg_mode_over      | FlowManagerThread         | 0

More information about the Oisf-users mailing list