[Oisf-users] Configuration strategy for TCP segment pools/chunk pool

Peter Manev petermanev at gmail.com
Sun Nov 26 19:11:32 UTC 2017



> On 26 Nov 2017, at 19:34, Cooper F. Nelson <cnelson at ucsd.edu> wrote:
> 
> I'm specifically trying to get metrics for peak usage of the tcp
> segments pool, like this:
>> 25/5/2014 -- 00:36:29 - <Info> - TCP segment pool of size 4 had a peak
>> use of 2041 segments, more than the prealloc setting of 256
> 

This is diff and redone  in 4+ (so you will not see similar to the above msg you refer to)
https://redmine.openinfosecfoundation.org/projects/suricata/repository/revisions/master/entry/suricata.yaml.in#L1247



> The -vvv flag provides more data, but not this information unfortunately.
> 
> -Coop
> 
>> On 11/26/2017 10:18 AM, Peter Manev wrote:
>> In general running in the command line with “-vvv” with a default suricata.yaml will produce quite a verbose output - is that what you are after ? (Or you need more verbose suricata.log?)
> 
> 
> -- 
> Cooper Nelson
> Network Security Analyst
> UCSD ITS Security Team
> cnelson at ucsd.edu x41042
> 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20171126/05696074/attachment-0002.html>


More information about the Oisf-users mailing list