[Oisf-users] Configuration strategy for TCP segment pools/chunk pool
Peter Manev
petermanev at gmail.com
Sun Nov 26 19:11:32 UTC 2017
> On 26 Nov 2017, at 19:34, Cooper F. Nelson <cnelson at ucsd.edu> wrote:
>
> I'm specifically trying to get metrics for peak usage of the tcp
> segments pool, like this:
>> 25/5/2014 -- 00:36:29 - <Info> - TCP segment pool of size 4 had a peak
>> use of 2041 segments, more than the prealloc setting of 256
>
This is diff and redone in 4+ (so you will not see similar to the above msg you refer to)
https://redmine.openinfosecfoundation.org/projects/suricata/repository/revisions/master/entry/suricata.yaml.in#L1247
> The -vvv flag provides more data, but not this information unfortunately.
>
> -Coop
>
>> On 11/26/2017 10:18 AM, Peter Manev wrote:
>> In general running in the command line with “-vvv” with a default suricata.yaml will produce quite a verbose output - is that what you are after ? (Or you need more verbose suricata.log?)
>
>
> --
> Cooper Nelson
> Network Security Analyst
> UCSD ITS Security Team
> cnelson at ucsd.edu x41042
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20171126/05696074/attachment-0002.html>
More information about the Oisf-users
mailing list