Just ran out of space in queue - Suricata Crash

[joeyboon]

I've experienced the same problem. Switching to Hyperscan makes the process no longer crash, but detection's don't occur. Does anything get detected once you've switched to Hyperscan?

[7queue]

I've experienced the same problem. Switching to Hyperscan makes the process no longer crash, but detection's don't occur. Does anything get detected once you've switched to Hyperscan?

I'm seeing the same error message on different systems both OPNsense and other platforms. So I don't think it's specific to OPNsense.

The small appliance I have OPNsense installed on has 16Gb ram and also runs Zenarmor with Elasticsearch v8, CrowdSec and Ntopng with Redis using Database Count of 16.

I've never been able to get Intrusion Prevention working with this particular configuration so I moved Suricata to an Edge Firewall running IPFire and the ram usage stays below 4Gb. When I tried OPNsense in a VM with 32Gb and Only Suricata it never showed any alerts so I shelved it to research what's going on under the hood when I have time.

YMMV

[biggreydog]

I am seeing the same issue here.