
List:       oisf-users
Subject:    [Oisf-users] memcap_drop in stats.log
From:       Gene Albin <gene.albin () gmail ! com>
Date:       2011-07-30 3:17:14
Message-ID: CACUc1WNhen0vbUecZKn1Ppk7NWFo+tb-SVjvJFNOQKy5Vbw5Hw () mail ! gmail ! com


What causes the tcp.segment_memcap_drop and the tcp.ssn_memcap_drop counters
to increment in the stats.log file?  I haven't found much of a description
or suggestions on what I can do to reduce the number.  Here is a cut from my
stats.log file:

tcp.sessions              | Decode & Stream           | 569818
tcp.ssn_memcap_drop       | Decode & Stream           | 0
tcp.pseudo                | Decode & Stream           | 94588
tcp.segment_memcap_drop   | Decode & Stream           | 11204200
tcp.stream_depth_reached  | Decode & Stream           | 14
detect.alert              | Detect                    | 13239

Thanks for any suggestions.

Gene

-- 
Gene Albin
gene.albin@gmail.com



