Skip to main content


Last updated March 2020

This configuration table limits the message rate.

Find below the sample excerpt included in the dp_config.lua file.

msys.dp_config.audit_series.messages = {
  type = "cidr",
  interval = 900,
  buckets = 4,
  thresholds = {
    { check = true,
      key = "/32",
      startv = 0,
      endv = 3,
      threshold = 200,
      honor_whitelist = { "global" } },
    { check = true,
      key = "/24",
      startv = 0,
      endv = 3,
      threshold = 2000,
      honor_whitelist = { "global" } }
  options = {
    persist = true

The elements of this configuration table are as follows:


Legal values for this element are cidr and, as of version 3.4, cidr_ipv6.


The time interval that you wish to look at measured in seconds. A reasonable value might be 900.


A bucket is a window of time of the length defined by "interval". A reasonable value might be 4.


Define the different threshold maximums. thresholds is a nested table within this configuration option. The following list defines the attributes of the individual thresholds.


Whether or not to use this configuration item.


The CIDR mask length for the threshold (the leading forward slash is required).


The starting bucket (0 is the current bucket) to query across.


The ending bucket.


The threshold that triggers the associated action. In this case a code 421 is issued along with the message message rate limit exceeded.


A table listing any applicable whitelists set in the msys.dp_config.whitelist table.


This item is a table with the following possible keys:


Write audit series to log. The value may be true or false; false is the default.

When true, the log will be written to the directory defined by the serialize_dir option in the inbound_audit module. The default value for this option is /var/log/ecelerity/audit_series_persist.


Defaults to none, but can be cluster to send to all nodes, or manager to send only to cluster manager nodes. This requires explicit configuration in the cluster stanza to operate correctly. For more information see Data Replication.


When set to true, the audit series will be persisted. The persisted series will be reloaded when the engine restarts. The default value is false.

Was this page helpful?