Suricata
latest
  • 1. What is Suricata
  • 2. Quickstart guide
  • 3. Installation
  • 4. Upgrading
  • 5. Security Considerations
  • 6. Support Status
  • 7. Command Line Options
  • 8. Suricata Rules
  • 9. Rule Management
  • 10. Making sense out of Alerts
  • 11. Performance
    • 11.1. Runmodes
    • 11.2. Packet Capture
    • 11.3. Tuning Considerations
    • 11.4. Hyperscan
    • 11.5. High Performance Configuration
    • 11.6. Statistics
    • 11.7. Ignoring Traffic
    • 11.8. Packet Profiling
    • 11.9. Rule Profiling
    • 11.10. Tcmalloc
    • 11.11. Performance Analysis
  • 12. Configuration
  • 13. Reputation
  • 14. Init Scripts
  • 15. Setting up IPS/inline for Linux
  • 16. Setting up IPS/inline for Windows
  • 17. Output
  • 18. Lua support
  • 19. File Extraction
  • 20. Public Data Sets
  • 21. Using Capture Hardware
  • 22. Interacting via Unix Socket
  • 23. 3rd Party Integration
  • 24. Man Pages
  • 25. Acknowledgements
  • 26. Licenses
  • 27. Suricata Developer Guide
Suricata
  • Docs »
  • 11. Performance
  • Edit on GitHub

11. PerformanceΒΆ

  • 11.1. Runmodes
    • 11.1.1. Different runmodes
    • 11.1.2. Load balancing
  • 11.2. Packet Capture
    • 11.2.1. Load balancing
    • 11.2.2. RSS
    • 11.2.3. Offloading
    • 11.2.4. Recommendations
  • 11.3. Tuning Considerations
    • 11.3.1. max-pending-packets: <number>
    • 11.3.2. mpm-algo: <ac|hs|ac-bs|ac-ks>
    • 11.3.3. detect.profile: <low|medium|high|custom>
    • 11.3.4. detect.sgh-mpm-context: <auto|single|full>
    • 11.3.5. af-packet
    • 11.3.6. ring-size
    • 11.3.7. stream.bypass
  • 11.4. Hyperscan
    • 11.4.1. Introduction
    • 11.4.2. Basic Installation (Package)
    • 11.4.3. Advanced Installation (Source)
    • 11.4.4. Using Hyperscan
  • 11.5. High Performance Configuration
    • 11.5.1. NIC
    • 11.5.2. CPU affinity and NUMA
      • 11.5.2.1. Intel based systems
      • 11.5.2.2. AMD based systems
      • 11.5.2.3. Other considerations
  • 11.6. Statistics
    • 11.6.1. stats.log file
      • 11.6.1.1. Detecting packet loss
    • 11.6.2. Kernel drops
    • 11.6.3. Tools to plot graphs
  • 11.7. Ignoring Traffic
    • 11.7.1. capture filters (BPF)
      • 11.7.1.1. BPF and IPS
    • 11.7.2. pass rules
    • 11.7.3. suppress
    • 11.7.4. encrypted traffic
    • 11.7.5. bypassing traffic
  • 11.8. Packet Profiling
  • 11.9. Rule Profiling
  • 11.10. Tcmalloc
    • 11.10.1. Installation
    • 11.10.2. Usage
  • 11.11. Performance Analysis
    • 11.11.1. System Load
    • 11.11.2. Logfiles
    • 11.11.3. Suricata Load
    • 11.11.4. Traffic
      • 11.11.4.1. Basics
      • 11.11.4.2. Advanced
      • 11.11.4.3. Elephant Flows
    • 11.11.5. Rules
Next Previous

© Copyright 2016-2023, OISF Revision af4bb917.

Built with Sphinx using a theme provided by Read the Docs.
Read the Docs v: latest
Versions
latest
suricata-7.0.1
suricata-7.0.0-rc2
suricata-7.0.0-rc1
suricata-7.0.0-beta1
suricata-7.0.0
suricata-6.0.9
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-6.0.5
suricata-6.0.4
suricata-6.0.3
suricata-6.0.2
suricata-6.0.14
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-6.0.10
suricata-6.0.1
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-6.0.0
suricata-5.0.9
suricata-5.0.8
suricata-5.0.7
suricata-5.0.6
suricata-5.0.5
suricata-5.0.4
suricata-5.0.3
suricata-5.0.2
suricata-5.0.10
suricata-5.0.1
suricata-5.0.0-rc1
suricata-5.0.0-beta1
suricata-5.0.0
suricata-4.1.9
suricata-4.1.8
suricata-4.1.7
suricata-4.1.6
suricata-4.1.5
suricata-4.1.4
suricata-4.1.3
suricata-4.1.2
suricata-4.1.10
suricata-4.1.1
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.1.0-beta1
suricata-4.1.0
suricata-4.0.7
suricata-4.0.6
suricata-4.0.5
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-4.0.1
suricata-4.0.0-rc2
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-4.0.0
suricata-3.2rc1
suricata-3.2beta1
suricata-3.2.5
suricata-3.2.4
suricata-3.2.3
suricata-3.2.2
suricata-3.2.1
suricata-3.2
Downloads
pdf
html
epub
On Read the Docs
Project Home
Builds
Free document hosting provided by Read the Docs.