[Oisf-users] Aggregated statistics?

Andreas Herz andi at geekosphere.org
Wed Sep 14 20:14:27 UTC 2016


On 13/09/16 at 16:56, Michael J. Sheldon wrote:
> Is it possible to have Suricata write aggregated traffic statistics?
> 
> Specifically, I would like to have protocol-specific counts, per minute.
> 
> I've searched, but all I find says that the stats log does not break down by protocol, and the eve/tcpdump logs write for every packet. The traffic levels we sometimes see are not practical for writing every single transaction.

I guess it would be a feature request to fit your need.
Could you add this, maybe with a little bit more detail/examples, to the
issue tracker as a feature request?

We also welcome contributions :)

> Michael Sheldon
> Dev-DNS Services
> GoDaddy.com

-- 
Andreas Herz


