[Snort-users] Help interpreting snort statistics

Joel Esler joel.esler at ...14399...
Wed Mar 24 21:05:06 EDT 2010


Daniel,

I'd be glad to help you out with this, however, this is a snapshot in time.  I'd do better if your turned on the perfstats preprocessor (search the snort.conf for perfstats).  That would provide me more detailed information.

Joel

On Mar 24, 2010, at 7:36 PM, Galley, Daniel wrote:

> Attached is a log of our snort stats at the end of a 24-hour period.  Anyone willing to take a look and point out any glaring problems?  Also, does anyone have a link to a guide to help me understand what all of this means?
>  
> We are running snort 2.8.5.3 on FreeBSD 8.0 (64-bit).  The box is a Dell Optiplex with a Core 2 Duo E8600 (3.33 GHz) with 4 GB of memory.  The sniffing interface is the built-on Intel Pro/1000.  The sensor is sitting outside of our firewall and our outgoing traffic peaks at about 20 Mbps.
>  
> Thanks a lot!
>  
> Daniel S. Galley 
> Desktop Support Analyst
> UCLA School of Dentistry
> <Mar24Perf.txt>------------------------------------------------------------------------------
> Download Intel® Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev_______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

--
Joel Esler
http://blog.joelesler.net


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100324/7a23ac25/attachment.html>


More information about the Snort-users mailing list