Project

General

Profile

Actions

Bug #2225

closed

when stats info dumping in redis,the decoder.ipv4.trunc_pkt can't output.In the same time, in the stats.log this can output

Added by zhancang xu about 7 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

the stat.log

Date: 10/10/2017 -- 15:57:58 (uptime: 0d, 00h 01m 04s)
------------------------------------------------------------------------------------
Counter                                    | TM Name                   | Value
------------------------------------------------------------------------------------
capture.kernel_packets                     | Total                     | 6
decoder.pkts                               | Total                     | 8
decoder.bytes                              | Total                     | 1526
decoder.invalid                            | Total                     | 1
decoder.ipv4                               | Total                     | 8
decoder.ethernet                           | Total                     | 8
decoder.tcp                                | Total                     | 7
decoder.avg_pkt_size                       | Total                     | 190
decoder.max_pkt_size                       | Total                     | 577
flow.tcp                                   | Total                     | 1
decoder.ipv4.trunc_pkt                     | Total                     | 1
tcp.sessions                               | Total                     | 1
tcp.invalid_checksum                       | Total                     | 1
tcp.syn                                    | Total                     | 2
tcp.synack                                 | Total                     | 2
flow.spare                                 | Total                     | 10000
flow_mgr.rows_checked                      | Total                     | 65536
flow_mgr.rows_skipped                      | Total                     | 65536
tcp.memuse                                 | Total                     | 573440
tcp.reassembly_memuse                      | Total                     | 81920
flow.memuse                                | Total                     | 7074592

the redis stat log:

 "{\"timestamp\": \"2017-10-10T15:57:04.000180+0800\", \"event_type\": \"stats\", \"stats\": {\"uptime\": 10, \"capture\": {\"kernel_packets\": 1, \"kernel_drops\": 0}, \"decoder\": {\"pkts\": 0, \"bytes\": 0, \"invalid\": 0, \"ipv4\": 0, \"ipv6\": 0, \"ethernet\": 0, \"raw\": 0, \"null\": 0, \"sll\": 0, \"tcp\": 0, \"udp\": 0, \"sctp\": 0, \"icmpv4\": 0, \"icmpv6\": 0, \"ppp\": 0, \"pppoe\": 0, \"gre\": 0, \"vlan\": 0, \"vlan_qinq\": 0, \"teredo\": 0, \"ipv4_in_ipv6\": 0, \"ipv6_in_ipv6\": 0, \"mpls\": 0, \"avg_pkt_size\": 0, \"max_pkt_size\": 0, \"erspan\": 0, \"ipraw\": {\"invalid_ip_version\": 0}, \"ltnull\": {\"pkt_too_small\": 0, \"unsupported_type\": 0}, \"dce\": {\"pkt_too_small\": 0}}, \"flow\": {\"memcap\": 0, \"tcp\": 0, \"udp\": 0, \"icmpv4\": 0, \"icmpv6\": 0, \"spare\": 10000, \"emerg_mode_entered\": 0, \"emerg_mode_over\": 0, \"tcp_reuse\": 0, \"memuse\": 7074304}, \"defrag\": {\"ipv4\": {\"fragments\": 0, \"reassembled\": 0, \"timeouts\": 0}, \"ipv6\": {\"fragments\": 0, \"reassembled\": 0, \"timeouts\": 0}, \"max_frag_hits\": 0}, \"tcp\": {\"sessions\": 0, \"ssn_memcap_drop\": 0, \"pseudo\": 0, \"pseudo_failed\": 0, \"invalid_checksum\": 0, \"no_flow\": 0, \"syn\": 0, \"synack\": 0, \"rst\": 0, \"segment_memcap_drop\": 0, \"stream_depth_reached\": 0, \"reassembly_gap\": 0, \"overlap\": 0, \"overlap_diff_data\": 0, \"insert_data_normal_fail\": 0, \"insert_data_overlap_fail\": 0, \"insert_list_fail\": 0, \"memuse\": 573440, \"reassembly_memuse\": 81920}, \"detect\": {\"alert\": 0}, \"app_layer\": {\"flow\": {\"http\": 0, \"imap\": 0, \"msn\": 0, \"dns_tcp\": 0, \"enip\": 0, \"dnp3\": 0, \"failed_tcp\": 0, \"dns_udp\": 0, \"failed_udp\": 0}, \"tx\": {\"http\": 0, \"dns_tcp\": 0, \"dns_udp\": 0, \"enip\": 0}}, \"flow_mgr\": {\"closed_pruned\": 0, \"new_pruned\": 0, \"est_pruned\": 0, \"bypassed_pruned\": 0, \"flows_checked\": 0, \"flows_notimeout\": 0, \"flows_timeout\": 0, \"flows_timeout_inuse\": 0, \"flows_removed\": 0, \"rows_checked\": 65536, \"rows_skipped\": 65536, \"rows_empty\": 0, \"rows_busy\": 0, \"rows_maxlen\": 0}, \"file_store\": {\"open_files\": 0}, \"dns\": {\"memuse\": 0, \"memcap_state\": 0, \"memcap_global\": 0}, \"http\": {\"memuse\": 0, \"memcap\": 0}}, \"host\": \"LFG1000330219\"}" 


Related issues 1 (0 open1 closed)

Related to Suricata - Task #3135: counters: new default for decoder eventsClosedShivani BhardwajActions
Actions

Also available in: Atom PDF