You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
suricata/doc/userguide/configuration
Juliana Fajardini 1956dc3d5d userguide: explain alert queue behavior and stats
Added sections along packet-alert-max config section explaining
packet alert queue overflow (when Suri reaches packet alert max), when
alerts are discarded etc.

Since from the user perspective it shouldn't matter how we process the
alert queue, the term "replace" is used, even though there's not exactly
a replacing action happening, with the queue bein pre-processed before
being appended to the Packet.

Also described the associated stats and added an explanation on when to
change packet-alert-max.

Task #5178
4 years ago
..
suricata-yaml
dropping-privileges.rst
global-thresholds.rst
index.rst
multi-tenant.rst
snort-to-suricata.rst
suricata-yaml.rst userguide: explain alert queue behavior and stats 4 years ago