[Bro] dropped packets
Seth Hall
seth at icir.org
Wed Mar 5 18:21:43 PST 2014
On Mar 4, 2014, at 11:02 AM, sangdrax8 <sangdrax8 at gmail.com> wrote:
> 1393944936.832292 - - - - - - - - - PacketFilter::Dropped_Packets 11 packets dropped after filtering, 207913 received, 207913 on link - - - - - ids-1 Notice::ACTION_LOG 3600.000000 F - - - - -
Turns out…
PacketFilter::stats_collection_interval is 5 mins by default. You're seeing it reported every 5 minutes because that's the reporting interval. :)
If you look into the percentage of traffic you're seeing reported as lost, it's actually 0.005% which isn't really that bad. Granted, it doesn't explain *why* you had a few packets reported as lost but in the grand scheme of things it's really not that bad.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140305/c55e5098/attachment.bin
More information about the Bro
mailing list