Comments on IT Security through Open Source: Logs per second on eve.json - the good and the bad news on a 10Gbps IDPS line inspection

Pevma, 2014-06-01T02:48:53.880-07:00:
Yes, I agree here. All the available outputs enabled in Suricata present a new level of challenge for the analysis management and implementation on high speed traffic inspection.

Anonymous, 2014-05-31T08:47:16.804-07:00:
At least for alerts, tuning should get the number down. It's always nice to get the alert count down to something that is human manageable.

But DNS and HTTP logging (and flow) are going to be a whole new issue that I'm not sure existing tools will be able to handle all that well.