Suricata
suricata-4.1.0-beta1
1. What is Suricata
2. Installation
3. Command Line Options
4. Suricata Rules
5. Rule Management
6. Making sense out of Alerts
7. Performance
7.1. Runmodes
7.2. Packet Capture
7.3. Tuning Considerations
7.4. Hyperscan
7.5. High Performance Configuration
7.6. Statistics
7.7. Ignoring Traffic
7.8. Packet Profiling
7.9. Rule Profiling
7.10. Tcmalloc
8. Configuration
9. Reputation
10. Init Scripts
11. Setting up IPS/inline for Linux
12. Output
13. File Extraction
14. Public Data Sets
15. Using Capture Hardware
16. Interacting via Unix Socket
17. Man Pages
18. Acknowledgements
19. Licenses
Suricata
Docs
»
7. Performance
Edit on GitHub
7. Performance
ΒΆ
7.1. Runmodes
7.1.1. Different runmodes
7.2. Packet Capture
7.2.1. Load balancing
7.2.2. RSS
7.2.3. Offloading
7.2.4. Recommendations
7.3. Tuning Considerations
7.3.1. max-pending-packets: <number>
7.3.2. mpm-algo: <ac|hs|ac-bs|ac-ks>
7.3.3. detect.profile: <low|medium|high|custom>
7.3.4. detect.sgh-mpm-context: <auto|single|full>
7.4. Hyperscan
7.4.1. Introduction
7.4.2. Compilation
7.4.3. Using Hyperscan
7.4.4. Ubuntu Hyperscan Installation
7.4.4.1. libboost headers
7.4.4.2. Trusty
7.4.4.3. Hyperscan
7.5. High Performance Configuration
7.6. Statistics
7.6.1. stats.log file
7.6.1.1. Detecting packet loss
7.6.2. Kernel drops
7.6.3. Tools to plot graphs
7.7. Ignoring Traffic
7.7.1. capture filters (BPF)
7.7.2. pass rules
7.7.3. suppress
7.8. Packet Profiling
7.9. Rule Profiling
7.10. Tcmalloc
7.10.1. Installation
7.10.2. Usage