How to detect attacks in the infinite payloads?

I have the infinite payloads to check with about 40k ET rules. I tried with unit test functions to create a full package and also load signatures with unit test functions, however, it is very slow in this situation. Is there any suggestion to resolve my problem?

ps: The suricata version is 5.0.1.

Hi @ellenzhu, I’m not sure I understand your question. Are you trying to craft payloads to match each ET rule?

Yes, you are right. We have many payloads in our situation, and try to match each payload with all ET rules.