[Oisf-users] High Suricata capture.kernel_drops

Cloherty, Sean E scloherty at mitre.org
Fri Jul 13 20:42:40 UTC 2018


If there are some huge flows from sources which you aren’t interested in monitoring, you might want to filter them out on the Gigamon. YouTube, for instance, or whatever else might be in your environment.

From: Oisf-users <oisf-users-bounces at lists.openinfosecfoundation.org> On Behalf Of fatema bannatwala
Sent: Friday, July 13, 2018 13:49 PM
To: Kerry.Milestone at ed.ac.uk
Cc: oisf-users at lists.openinfosecfoundation.org
Subject: Re: [Oisf-users] High Suricata capture.kernel_drops

Hi Kerry,

The traffic is being forwarded via Gigamon mirroring port to the sensor SFP interface. The copper DAC SFP+ cable is connected between the sensor and the Gigamon for the 10gig interface.

Thanks for the ethtool settings, will see if that helps.

Fatema.
