[Oisf-users] Testers: please test our initial Hyperscan support
Cooper F. Nelson
cnelson at ucsd.edu
Thu Mar 31 21:18:38 UTC 2016
I'm currently testing the 'hs' algo via the dev-detect-grouping-v200 branch.
I switched from a 'custom' detect-engine setting to 'high'. Is this
still relevant for hyperscan? Or is there a recommended optimum setting
(we have lots of memory available).
So far performance seems identical to the prior "dev-detect-grouping"
branch, with the caveat that memory usage is currently lower (by 50%
currently). I'll leave it running overnight and see if that changes.
-Coop
On 3/30/2016 9:53 AM, Victor Julien wrote:
> The good folks at Intel created mpm support for Hyperscan in Suricata,
> which I merged into the git master today.
>
> Please give it a go. Instructions can be found here
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Hyperscan
>
> It should lead to higher performance and I noticed that rule reloads are
> faster as well.
>
> Cheers,
> Victor
>
--
Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160331/a94b8887/attachment-0002.sig>
More information about the Oisf-users
mailing list