suricata

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

cybersecurity ids intrusion-detection-system intrusion-prevention-system ips network-monitor network-monitoring nsm security suricata threat-hunting

You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Go to file

Victor Julien fca541f40e Add per app layer parser profiling Per packet per app layer parser profiling. Example summary output: Per App layer parser stats: App Layer IP ver Proto cnt min max avg -------------------- ------ ----- ------ ------ ---------- ------- ALPROTO_HTTP IPv4 6 163394 126 38560320 42814 ALPROTO_FTP IPv4 6 644 117 26100 2566 ALPROTO_TLS IPv4 6 670 117 7137 799 ALPROTO_SMB IPv4 6 114794 126 225270 957 ALPROTO_DCERPC IPv4 6 5207 126 25596 1266 Also added to the csv out. In the csv out there is a new column "stream (no app)" that removes the app layer parsers from the stream tracking. So raw stream engine performance becomes visible.		14 years ago
benches	Initial add of the files.	16 years ago
doc	Support for PF_RING versions where packet passed as a reference and version 4.7.1 where pfring_enable_ring now seems to be required.	14 years ago
libhtp	libhtp/m4 dir won't be created on CentOS 5.3 by autogen.sh, so work around that by having it in git	15 years ago
m4	Prelude plugin: add detection in configure script	16 years ago
qa	Add per packet profiling.	14 years ago
rules	Minor fixes in defrag engine, shrink DefragTracker_ structure.	15 years ago
src	Add per app layer parser profiling	14 years ago
.gitignore	Import .gitignore file.	15 years ago
COPYING	Initial add of the files.	16 years ago
ChangeLog	Initial add of the files.	16 years ago
LICENSE	import of gplv2 LICENSE	16 years ago
Makefile.am	Add decoder-events to Makefile.am as well.	15 years ago
Makefile.cvs	Initial add of the files.	16 years ago
acsite.m4	Added C99 defs/macros to acsite.m4 for CentOS	16 years ago
autogen.sh	Add initial support for reading packets from a DAG card, we only support reading from a single stream at this time.	16 years ago
classification.config	Import of classification.config	16 years ago
configure.in	Only check for PF_RING if we enable PF_RING.	14 years ago
depcomp	Update autojunk.sh + build update.	16 years ago
doxygen.cfg	more project name updates	16 years ago
install-sh	Update autojunk.sh + build update.	16 years ago
missing	Update autojunk.sh + build update.	16 years ago
mkinstalldirs	Update autojunk.sh + build update.	16 years ago
reference.config	Add the ET reference.config file as a default	15 years ago
suricata.yaml	Add per packet profiling.	14 years ago