[Oisf-users] Description of Suricata Statistics
Charles DeVoe
scarecrow_57 at yahoo.com
Thu Nov 17 13:05:03 UTC 2016
Well I was really looking for complete description of all of the statistics. 2 reasons, one is a sanity check to verify that what I think I know I really do know, two is to understand the ones I don't know. My purpose here is to see if I can come up with a method to create a score that tells me the health of the instance. I have 150 sensors and I would like to focus on the least healthy sensors. To that end, having a sound understanding of the values will be really helpful.
From: Cooper F. Nelson <cnelson at ucsd.edu>
To: Charles DeVoe <scarecrow_57 at yahoo.com>; "oisf-users at lists.openinfosecfoundation.org" <oisf-users at lists.openinfosecfoundation.org>
Sent: Wednesday, November 16, 2016 12:27 PM
Subject: Re: [Oisf-users] Description of Suricata Statistics
If you want to just dump a list of the ones you don't understand I'll do
my best to explain them. And I'm sure I'll be corrected if/when I make
mistakes!
-Coop
On 11/15/2016 9:21 AM, Charles DeVoe wrote:
> Next, in the Suricata stats file there are many counters/values.
> Some of them are intuitively obvious as to what they are (almost).
> Is there someplace where there is a description of what all of these
> values are measuring and how they are measured?
--
Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20161117/2fe25bd0/attachment-0002.html>
More information about the Oisf-users
mailing list