[Oisf-users] Description of Suricata Statistics

Charles DeVoe scarecrow_57 at yahoo.com
Thu Nov 17 13:05:03 UTC 2016


Well I was really looking for  complete description of all of the statistics.  2 reasons, one is a sanity check to verify that what I think I know I really do know, two is to understand the ones I don't know.  My purpose here is to see if I can come up with a method to create a score that tells me the health of the instance.  I have 150 sensors and I would like to focus on the least healthy sensors.  To that end, having a sound understanding of the values will be really helpful.

      From: Cooper F. Nelson <cnelson at ucsd.edu>
 To: Charles DeVoe <scarecrow_57 at yahoo.com>; "oisf-users at lists.openinfosecfoundation.org" <oisf-users at lists.openinfosecfoundation.org> 
 Sent: Wednesday, November 16, 2016 12:27 PM
 Subject: Re: [Oisf-users] Description of Suricata Statistics
   
If you want to just dump a list of the ones you don't understand I'll do
my best to explain them.  And I'm sure I'll be corrected if/when I make
mistakes!

-Coop

On 11/15/2016 9:21 AM, Charles DeVoe wrote:
> Next, in the Suricata stats file there are many counters/values.
> Some of them are intuitively obvious as to what they are (almost).
> Is there someplace where there is a description of what all of these
> values are measuring and how they are measured?

-- 
Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042


   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20161117/2fe25bd0/attachment-0002.html>


More information about the Oisf-users mailing list