Greetings,
I have been doing a lot of work as time permits fine tuning the setup even further and I learn more an more each time. Tuning Suricata is a bit of a mysterious adventure, tweaks you make that seem like they would help sometimes have the opposit effect, I think a lot of this is due to how network traffic ebbs and flows, so I tweak I might make at one point may be during a slower period, and once traffic heats up again I find it might have been an oops; so it is a bit tedious for someone like me that does not understand Suricata like the devs might, but it is all in good fun and I am learning a lot which is always enjoyable. If you are interested in what I am doing I suggest revisiting this page every once in a while.