Suricata
suricata-7.0.7
11. Performance
11.1. Runmodes
11.1.1. Different runmodes
11.1.2. Load balancing
11.2. Packet Capture
11.2.1. Load balancing
11.2.2. RSS
11.2.3. Offloading
11.2.4. Recommendations
11.3. Tuning Considerations
11.3.1. max-pending-packets: <number>
11.3.2. mpm-algo: <ac|hs|ac-bs|ac-ks>
11.3.3. detect.profile: <low|medium|high|custom>
11.3.4. detect.sgh-mpm-context: <auto|single|full>
11.3.5. af-packet
11.3.6. ring-size
11.3.7. stream.bypass
11.4. Hyperscan
11.4.1. Introduction
11.4.2. Basic Installation (Package)
11.4.3. Advanced Installation (Source)
11.4.4. Using Hyperscan
11.5. High Performance Configuration
11.5.1. NIC
11.5.2. CPU affinity and NUMA
11.5.2.1. Intel based systems
11.5.2.2. AMD based systems
11.5.2.3. Other considerations
11.6. Statistics
11.6.1. stats.log file
11.6.1.1. Detecting packet loss
11.6.2. Kernel drops
11.6.3. Tools to plot graphs
11.7. Ignoring Traffic
11.7.1. capture filters (BPF)
11.7.1.1. BPF and IPS
11.7.2. pass rules
11.7.3. suppress
11.7.4. encrypted traffic
11.7.5. bypassing traffic
11.8. Packet Profiling
11.9. Rule Profiling
11.10. Tcmalloc
11.10.1. Installation
11.10.2. Usage
11.11. Performance Analysis
11.11.1. System Load
11.11.2. Logfiles
11.11.3. Suricata Load
11.11.4. Traffic
11.11.4.1. Basics
11.11.4.2. Advanced
11.11.4.3. Elephant Flows
11.11.5. Rules