Suricata
1. What is Suricata
2. Quickstart guide
3. Installation
4. Upgrading
5. Security Considerations
6. Support Status
7. Command Line Options
8. Suricata Rules
9. Rule Management
10. Making sense out of Alerts
11. Performance
11.1. Runmodes
11.2. Packet Capture
11.3. Tuning Considerations
11.4. Hyperscan
11.5. High Performance Configuration
11.6. Statistics
11.7. Ignoring Traffic
11.8. Packet Profiling
11.9. Rule Profiling
11.10. Tcmalloc
11.11. Performance Analysis
12. Configuration
13. Reputation
14. Init Scripts
15. Output
16. Lua support
17. File Extraction
18. Public Datasets (PCAPs)
19. Using Capture Hardware
20. Interacting via Unix Socket
21. Plugins
22. IPS Mode
23. Firewall Mode
24. 3rd Party Integration
25. Man Pages
26. Acknowledgements
27. Licenses
28. Suricata Developer Guide
29. Verifying Suricata Source Distribution Files
30. Appendix
31. Known Issues
Suricata
11.
Performance
View page source
11.
Performance
11.1. Runmodes
11.1.1. Different runmodes
11.1.2. Load balancing
11.2. Packet Capture
11.2.1. Load balancing
11.2.2. RSS
11.2.3. Offloading
11.2.4. Recommendations
11.3. Tuning Considerations
11.3.1. max-pending-packets: <number>
11.3.2. mpm-algo: <ac|hs|ac-ks>
11.3.3. detect.profile: <low|medium|high|custom>
11.3.4. detect.sgh-mpm-context: <auto|single|full>
11.3.5. af-packet
11.3.6. ring-size
11.3.7. stream.bypass
11.4. Hyperscan
11.4.1. Introduction
11.4.2. Basic Installation (Package)
11.4.3. Advanced Installation (Source)
11.4.4. Using Hyperscan
11.4.5. Hyperscan caching
11.5. High Performance Configuration
11.5.1. NIC
11.5.2. CPU affinity and NUMA
11.5.2.1. Intel based systems
11.5.2.2. AMD based systems
11.5.2.3. Other considerations
11.6. Statistics
11.6.1. stats.log file
11.6.1.1. Detecting packet loss
11.6.2. Kernel drops
11.6.3. Tools to plot graphs
11.7. Ignoring Traffic
11.7.1. Capture Filters (BPF)
11.7.1.1. BPF and IPS
11.7.2. pass rules
11.7.3. suppress
11.7.4. Encrypted Traffic
11.7.5. Bypassing Traffic
11.8. Packet Profiling
11.9. Rule Profiling
11.10. Tcmalloc
11.10.1. Installation
11.10.2. Usage
11.11. Performance Analysis
11.11.1. System Load
11.11.2. Logfiles
11.11.3. Suricata Load
11.11.4. Traffic
11.11.4.1. Basics
11.11.4.2. Advanced
11.11.4.3. Elephant Flows
11.11.5. Rules