[Oisf-users] Suricata Myricom and 10Gbit
Michał Purzyński
michalpurzynski1 at gmail.com
Mon Mar 31 23:22:08 UTC 2014
Argh, I've sent replies directly instead of the list, my apologies, Gmail
web interface isn't my native env.
Anyway.
There are around 4 cores busy most of the time and the rest floating. There
is nothing sitting at 100% all the time.
I use the ETOpen rule set, testing ETPro is my next step.
Enabled are (only)
ET-emerging-worm
ET-emerging-snmp
ET-emerging-attack_response
ET-emerging-botcc.portgrouped
ET-emerging-botcc
ET-emerging-ciarmy
ET-emerging-current_events
and also ET-emerging-chat without IRC
How much memory do you have in your sensors? SNF_DATARING_SIZE = 32GB times
16 is 512GB.
Also, how do you start Suricata - I use the eth4 interface, is there any
difference with using the snf0?
On Mon, Mar 31, 2014 at 4:52 PM, Erich Lerch <erich.lerch at gmail.com> wrote:
> Michał,
>
> We have a similar setup, also with the Myricom 10gb interface.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20140401/34227487/attachment-0002.html>
More information about the Oisf-users
mailing list