[Oisf-users] Configuration strategy for TCP segment pools/chunk pool
Peter Manev
petermanev at gmail.com
Sun Nov 26 18:18:47 UTC 2017
>
> On 26 Nov 2017, at 18:39, Cooper F. Nelson <cnelson at ucsd.edu> wrote:
>
> Hi all,
>
> I'm trying to get suricata 4.0 to produce these statistics on exit,
> however the '-v' flag doesn't seem to be enough.
>
> Is there a setting in the yaml file that is necessary as well?
In general running in the command line with “-vvv” with a default suricata.yaml will produce quite a verbose output - is that what you are after ? (Or you need more verbose suricata.log?)
>
> -Coop
>
>> On 5/25/2014 2:26 AM, Darren Spruell wrote:
>> Suricata 2.0 REL, Linux 3.10.40, AF_PACKET autofp runmode, 64 GB RAM.
>>
>> I'm gimping through some Suricata tuning and dealing with high (66%!)
>> rates of packet loss. I have a number of limits set fairly high and am
>> looking for signs of what else may be contributing to packet drop.
>> Wondering currently about this type of output:
>>
>> 25/5/2014 -- 00:36:29 - <Info> - TCP segment pool of size 4 had a peak
>> use of 2041 segments, more than the prealloc setting of 256
>
>
> --
> Cooper Nelson
> Network Security Analyst
> UCSD ITS Security Team
> cnelson at ucsd.edu x41042
>
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
More information about the Oisf-users
mailing list