CL-Softwares
/
telegraf
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix suricata input docs (#7856)

This commit is contained in:
kiokoman 2020-07-20 16:32:24 +02:00 committed by GitHub
parent ef262b1372
commit bf5befa8fc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
plugins/inputs/suricata/README.md
View File

@ -8,7 +8,7 @@ stats output to, and processes the incoming data to fit Telegraf's format.
### Configuration
```toml
[[input.suricata]]
[[inputs.suricata]]
## Data sink for Suricata stats log.
# This is expected to be a filename of a
# unix socket to be created for listening.
@ -111,6 +111,19 @@ output in the Suricata configuration file:
threads: yes
```
#### FreeBSD tuning
Under FreeBSD it is necessary to increase the localhost buffer space to at least 16384, default is 8192
otherwise messages from Suricata are truncated as they exceed the default available buffer space,
consequently no statistics are processed by the plugin.
```text
sysctl -w net.local.stream.recvspace=16384
sysctl -w net.local.stream.sendspace=16384
```
### Example Output
```text