[Oisf-users] Suricata using 35% cpu with no load?
Alan Wanderley dos Santos
alan.santos at rnp.br
Thu Jul 30 19:57:14 UTC 2015
Didi you see the fast.log and others logs?
Maybe there are some traffic (icmp or broadcast for example) coming to virtual machine, even little being data, can generated a lot of logs and degree the performance.
I had a similar situation on a VM of testing.
Just a shot into darkness rsrs
Regards,
-----------------------------------------------
Alan Santos
Analista de Segurança
Centro de Atendimento a Incidentes de Segurança (CAIS)
Rede Nacional de Ensino e Pesquisa (RNP)
(19) 3787-3314 | alan.santos at rnp.br
De: "Duane Howard" <duane.security at gmail.com>
Para: "oisf-users" <oisf-users at openinfosecfoundation.org>
Enviadas: Quinta-feira, 30 de julho de 2015 16:50:51
Assunto: [Oisf-users] Suricata using 35% cpu with no load?
I've got a random virtual testing machine, and I'm seeing Suricata sitting at about 35% CPU load, even though there's absolutely no traffic heading to it at the moment. Is there an easy way to get Suricata to tell me what it's doing that would cause this? It occurs on real interfaces with low traffic, loopback, as well as bonds where there's no trafic.
./d
_______________________________________________
Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
Suricata User Conference November 4 & 5 in Barcelona: http://oisfevents.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20150730/c97e6c21/attachment-0002.html>
More information about the Oisf-users
mailing list