[Bro] Suggestions on handling 1Gb/s HTTP traffic?

Aashish Sharma init.conf at gmail.com
Sun Oct 25 23:20:30 PDT 2015


Aaron, 

What OS are you running Bro on?

Aashish 

> On Oct 25, 2015, at 10:36 PM, Aaron Lewis <the.warl0ck.1989 at gmail.com> wrote:
> 
> Hi,
> 
> I recently tested bro 2.4.1 with ~1Gb/s HTTP traffic. It works, but the
> processes die from OOM within a few hours.
> 
> (The box has 16 cores and 64 GB memory; it should be enough, right?)
> 
> Now I'm trying to resolve this matter, perhaps with one of the following:
> 
> 1. Limit the volume of traffic that bro will process
> 2. Tune bro
> 
> Can someone please help?
> 
> And... what's the maximum amount of traffic you guys ever tested?
> 
> -- 
> Best Regards,
> Aaron Lewis - PGP: 0x13714D33 - http://pgp.mit.edu/
> Finger Print:   9F67 391B B770 8FF6 99DC  D92D 87F6 2602 1371 4D33
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro



