This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPS - Performance question - snort status unused and max_queued_bytes ?


I do run a sg330 but the config is coming from a soft.appliance and since a while I get the message: S5: Session exceeded configured max bytes to queue

So I deciced to also double check the cc get ips num_instances first which was 0 (default) so I changed it to 4 followd by:

/var/mdw/scripts/snort restart unused

/var/mdw/scripts/snort status unsed 

Further what is the recommended setting for cc set ips snortsettings max_queued_bytes  for the sg330 ?

Thanks and Greets


This thread was automatically locked due to age.