Configuration
A full configuration file is provided inside the example directory here.
Note: Refer to each plugin for plugin-specific configuration.
Every result generated creates a field containing the hostname. This can be used to identify the capture point the result was generated from if multiple capture points are being used.
The interface to use to read packets from. This can be any URI supported by libtrace. More information on libtrace URIs can be found at https://github.com/LibtraceTeam/libtrace/wiki/Supported-Trace-Formats
The number of packet processing threads to use.
Note: If increasing to more than 1, refer to enable_bidirectional_hasher.
If the number of packet processing threads is greater than 1 and the capturing interface does NOT support assigning packets belonging to the same flow to the same thread, then this MUST be enabled. If only 1 packet processing thread is used, keep this option disabled.
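Why the hasher has to be bidirectional, as an added example (not code from this project or from libtrace): a direction-sensitive hash can hand the request and the reply of one flow to different threads, while ordering the endpoints before hashing keeps both halves on the same thread. The struct, the function names, the FNV-1a hash and the sample addresses are assumptions made for illustration, and only IPv4 is handled.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed 5-tuple (IPv4 only, host byte order) for illustration. */
struct flow_key {
    uint32_t src_ip, dst_ip;
    uint16_t src_port, dst_port;
    uint8_t proto;
};

/* Fold one 32-bit word into a running FNV-1a hash, byte by byte. */
static uint32_t fnv1a_u32(uint32_t h, uint32_t v) {
    for (int i = 0; i < 4; i++) {
        h ^= (v >> (8 * i)) & 0xffu;
        h *= 16777619u;
    }
    return h;
}

/* Direction-sensitive: src and dst are hashed in the order seen on the wire. */
uint32_t hash_unidirectional(const struct flow_key *k) {
    uint32_t h = 2166136261u;
    h = fnv1a_u32(h, k->src_ip);
    h = fnv1a_u32(h, k->dst_ip);
    h = fnv1a_u32(h, ((uint32_t)k->src_port << 16) | k->dst_port);
    return fnv1a_u32(h, k->proto);
}

/* Bidirectional: put the lower (ip, port) endpoint first, then hash. */
uint32_t hash_bidirectional(const struct flow_key *k) {
    struct flow_key c = *k;
    if (k->src_ip > k->dst_ip ||
        (k->src_ip == k->dst_ip && k->src_port > k->dst_port)) {
        c.src_ip = k->dst_ip;     c.dst_ip = k->src_ip;
        c.src_port = k->dst_port; c.dst_port = k->src_port;
    }
    return hash_unidirectional(&c);
}

/* Constructed sample: one TCP flow, 192.0.2.1:51514 <-> 198.51.100.7:443. */
static const struct flow_key SAMPLE_REQ = {0xC0000201u, 0xC6336407u, 51514, 443, 6};
static const struct flow_key SAMPLE_RSP = {0xC6336407u, 0xC0000201u, 443, 51514, 6};

int main(void) {
    unsigned threads = 4; /* assumed number of packet processing threads */
    printf("unidirectional: request -> thread %u, reply -> thread %u\n",
           hash_unidirectional(&SAMPLE_REQ) % threads, hash_unidirectional(&SAMPLE_RSP) % threads);
    printf("bidirectional:  request -> thread %u, reply -> thread %u\n",
           hash_bidirectional(&SAMPLE_REQ) % threads, hash_bidirectional(&SAMPLE_RSP) % threads);
    return 0;
}
```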
The method to use to determine a packet's direction:
- DIR_METHOD_TRACE - use the built-in libtrace trace_get_direction method. (Useful for monitoring a single host)
- DIR_METHOD_PORT - Guess the direction based on server/client ports.
- DIR_METHOD_NETWORK - Use prefix/s defined in local_networks. (Useful when the capture point is on the edge of a network with known internal/local prefix/s)
The local networks, in CIDR format. Both IPv4 and IPv6 are supported.
Debug level (0-3). Debug output is written to standard error.