Possible memory leak
Closed this issue · 3 comments
We have noticed that with this script in some enviroments we are getting a memory leak for bro/zeek.
We have noticed that in some case, when there are a lot of long/persistent connections, bro/zeek makes our server swap and then crashes.
Hi,
I believe I know what causes this now. It's not a lot of long connections, but a lot of short ones.
The conn polling keeps a reference to the connection alive which causes higher memory usage. Changing default_durations to include some smaller durations and then ignoring them might fix it, but looking into a different design that would avoid this.
This PR against zeek should fix the memory usage: zeek/zeek#1035
I'm going to close this since it was a zeek issue and that was fixed a while ago.