How to get per-rule match count without "rule-profiling"

  • Suricata version: 7.0.7, with DPDK 20.11
  • Linux distribution: RHEL 8.8
  • Suricata installed from source

I’m developing an L7 firewall using Suricata, which blocks all outbound requests by default (with Suricata drop/reject rules) and allows access to specific domains (with fewer rules) by adding Suricata pass rules. I need to count the number of times each pass rule is matched.

I know rule-profiling can meet this requirement to a certain extent, but I hope it will not affect performance too much and will count all the time, not just for a few tens of seconds. Does Suricata have such a feature?