"
Thanks Franco!
I have reverted suricata to 25.7.10 as you suggested. With IDS/IPS enabled I now have very high memory consumption, but not to the point where everything falls apart.
last pid: 45631; load averages: 0.60, 0.62, 0.42 up 0+18:34:05 12:46:35
77 processes: 1 running, 76 sleeping
CPU: 0.1% user, 0.0% nice, 0.2% system, 0.0% interrupt, 99.7% idle
Mem: 2151M Active, 92M Inact, 369M Laundry, 919M Wired, 56K Buf, 191M Free
ARC: 158M Total, 57M MFU, 59M MRU, 623K Anon, 1231K Header, 40M Other
75M Compressed, 167M Uncompressed, 2.24:1 Ratio
Swap: 8192M Total, 3984M Used, 4208M Free, 48% Inuse
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
69656 root 13 20 0 11G 2319M nanslp 1 1:21 0.38% suricata
Perhaps, I'm at the point where I simply need more RAM.
I haven't paid attention to CPU/RAM utilisation previously as the box has 'just worked'.
Hopefully this will provide clues to others hitting this problem.
I have reverted suricata to 25.7.10 as you suggested. With IDS/IPS enabled I now have very high memory consumption, but not to the point where everything falls apart.
last pid: 45631; load averages: 0.60, 0.62, 0.42 up 0+18:34:05 12:46:35
77 processes: 1 running, 76 sleeping
CPU: 0.1% user, 0.0% nice, 0.2% system, 0.0% interrupt, 99.7% idle
Mem: 2151M Active, 92M Inact, 369M Laundry, 919M Wired, 56K Buf, 191M Free
ARC: 158M Total, 57M MFU, 59M MRU, 623K Anon, 1231K Header, 40M Other
75M Compressed, 167M Uncompressed, 2.24:1 Ratio
Swap: 8192M Total, 3984M Used, 4208M Free, 48% Inuse
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
69656 root 13 20 0 11G 2319M nanslp 1 1:21 0.38% suricata
Perhaps, I'm at the point where I simply need more RAM.
I haven't paid attention to CPU/RAM utilisation previously as the box has 'just worked'.
Hopefully this will provide clues to others hitting this problem.
