Snort spikes to 100% CPU followed by network latency

[Cody Brugh <cbrugh () gmail com>]

Hello,

We have been running snort in-line for over a year now with no issues in
terms of latency or CPU usage.  Recently (over the past month) snort will
all of the sudden spike CPU usage up to 100% and network latency becomes
real bad, 1000+ms.

I am really not sure where to start on figuring out what is causing this.
I am starting snort so it prints the alerts/drops on the console and don't
see any specific rule that would be causing this.

Any advise on this issue?

Snort OS: CentOS, 64-bit

  o"  )~   Version 2.9.6.1 GRE (Build 56)
   ''''    By Martin Roesch & The Snort Team:
http://www.snort.org/snort/snort-team
           Copyright (C) 2014 Cisco and/or its affiliates. All rights
reserved.
           Copyright (C) 1998-2013 Sourcefire, Inc., et al.
           Using libpcap version 1.0.0
           Using PCRE version: 7.8 2008-09-05
           Using ZLIB version: 1.2.3

DAQ version: 2.0.2

Thanks!

------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.
Get unparalleled scalability from the best Selenium testing platform available
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!