Performance and cpu usage Suricata 6/5

suricatalfon · March 29, 2022, 11:24am

Hí,

I’m seeing big differences in CPU usage between branches 6/5 Suricata

Suricata 6.x.x 100%
Suricata 5.x.x 2% - 7%

Andreas_Herz · March 29, 2022, 11:29am

What exact versions are you comparing? How does your setup look like? Without more details it’s hard to narrow down what the reason for the diff might be.

suricatalfon · March 29, 2022, 11:35am

Hí,

Suricata-6.0.3-1-64 in some case the windivert compilation
Suricata-5.0.7-1-64

The configurations are the ones that come by default in each version and the rules too,

Andreas_Herz · March 29, 2022, 11:38am

So it’s windows? What type of system? How is suricata running with which commandline parameters?

suricatalfon · March 29, 2022, 11:42am

Hí, I will prepare the information and share it

Tanks

suricatalfon · March 30, 2022, 5:55am

Hí, @Andreas_Herz

Microsoft Windows Server 2016 (64-bit).
RAM. 24GB.

Suricata 6.
suricata_6.yaml (73.6 KB)

Suricata 5.
suricata_5.yaml (70.9 KB)

Service:
suricata -c suricata.yaml -i 192.168.1.233 -l .\log -knone -vvv

suricatalfon · April 4, 2022, 5:38am

Too much difference. When I had suricata branch 6, it was almost always between 80 and 100%.
With branch 5, the most has been 8/10% approx.

Topic		Replies	Views
Suricata 6, constant use CPU Help	4	497	April 25, 2022
Profiling Suricata code for isolating CPU performance issues Developers ips , community	1	429	January 26, 2022
CPU usage of version 6.0.0 Help	38	3639	September 23, 2022
Suricata 6 --> High CPU usage while mem is good Help	20	3864	December 15, 2021
Running suricata in single threaded mode with windivert module Help windows , suricata	10	597	March 8, 2023

Performance and cpu usage Suricata 6/5

Related Topics