Feature #1894
closed
Added by Peter Manev about 8 years ago.
Updated about 6 years ago.
Description
While discussing/testing an upcoming feature/PR with Regit it came up as an idea that it can be useful for troubleshooting and tuning to have a counter in stats.log of the "current"(or current avg for that specific period) flows.
Something like -
flows.concurrent
I would say 'flow.active' or 'flow.current' or something.
- Assignee set to OISF Dev
- Target version set to TBD
I think 'flow.current' would be nice, but since we're discussing this, are there any others we might add as well?
Btw there were a good bunch of counters added in git master already just a few days ago -
https://github.com/inliniac/suricata/commit/70c16f50e733f6f7cc40c1bc3465eb966e3be517
flow_mgr.flows_checked: number of flows checked for timeout in the last pass
flow_mgr.flows_notimeout: number of flows out of flow_mgr.flows_checked that didn't time out
flow_mgr.flows_timeout: number of out of flow_mgr.flows_checked that did reach the time out
flow_mgr.flows_removed: number of flows out of flow_mgr.flows_timeout that were really removed
flow_mgr.flows_timeout_inuse: number of flows out of flow_mgr.flows_timeout that were still in use or needed work
flow_mgr.rows_checked: hash table rows checked
flow_mgr.rows_skipped: hash table rows skipped because non of the flows would time out anyway
The counters below are only relating to rows that were not skipped.
flow_mgr.rows_empty: empty hash rows
flow_mgr.rows_maxlen: max number of flows per hash row. Best to keep low, so increase hash-size if needed.
flow_mgr.rows_busy: row skipped because it was locked by another thread
- Status changed from New to Rejected
- Assignee deleted (
OISF Dev)
- Target version deleted (
TBD)
Looks like this is a duplicate of #1478
Also available in: Atom
PDF