[Oisf-users] suppress in threshold + packets dropped
erik clark
philosnef at gmail.com
Mon Nov 28 14:05:11 UTC 2016
I am supressing 33 signatures with
suppress gen_id 1, sig_id $sid
Since doing this, I see that Suricata is dropping around 12% of the
packets. This doesnt make any sense. Are suppressed signatures "dropped"?
Why are my stats crazy like this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20161128/0b057135/attachment.html>
More information about the Oisf-users
mailing list