Bug #1737: Stats not reset between PCAPs when Suricata runs in socket mode - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #1737

closed

Stats not reset between PCAPs when Suricata runs in socket mode

Added by Andrew Brown over 8 years ago. Updated over 8 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Andrew Brown

Target version:

3.0.1

Affected Versions:

Effort:

Difficulty:

Label:

Description

When running Suricata in Unix Socket mode, stats such as packet count are not reset after each PCAP is scanned. This leads to incorrect/invalid data in the output file which states incorrect packet numbers for fired events.

e.g. I scan a 1000 packet PCAP, then I scan a second 1000 packet PCAP. An event is triggered on packet 500 of PCAP #2, but the output states the packet fired on is 1500 which is not even a valid packet number for that PCAP.

Another statistic not being reset is the file extraction counter.

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #1737

Stats not reset between PCAPs when Suricata runs in socket mode

Updated by Victor Julien over 8 years ago

Updated by Andrew Brown over 8 years ago

Updated by Victor Julien over 8 years ago