Suricata is a high-performance Network IDS, IPS and Network Security Monitoring engine. It is open source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF and its supporting
How to install
To use this tool, please use a method listed below.
On Linux (Debian OS), run the following command(s).
It is assumed that you are running a recent Ubuntu release, as the official PPA can be used for the installation.
sudo add-apt-repository ppa:oisf/suricata-stable
sudo apt update
sudo apt install suricata jq
The dedicated PPA repository is added, and after updating the index, Suricata can be installed. We recommend installing the jq tool at this time as it will help with displaying information from Suricata’s EVE JSON output (described later in this guide).
For the installation on other systems or to use specific compile options see Installation.
After installing Suricata, you can check what version of Suricata you have running and with what options as well as the service state:
sudo suricata --build-info
sudo systemctl status suricata
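As an added example (not part of the original guide), this shell function shows the kind of use the jq recommendation above is for: it summarises alert events from EVE JSON per signature and skips a truncated line such as the one a live log may end with. The sample records, signature IDs and function names are constructed, and /var/log/suricata/eve.json is assumed as the log path (the default on packaged installs).

```bash
#!/bin/sh
# Added example: per-signature alert summary from Suricata EVE JSON using jq.
# Usage (assumed default log path):
#   sudo cat /var/log/suricata/eve.json | eve_alert_summary

# Constructed sample records: one JSON object per line, as EVE writes them.
# The last line is deliberately truncated, as can happen while Suricata is
# still writing to the log.
sample_eve() {
cat <<'EOF'
{"timestamp":"2024-01-01T10:00:00.000000+0000","event_type":"flow","src_ip":"192.0.2.10","dest_ip":"198.51.100.5","proto":"TCP"}
{"timestamp":"2024-01-01T10:00:01.000000+0000","event_type":"alert","src_ip":"198.51.100.5","dest_ip":"192.0.2.10","alert":{"signature_id":1000001,"signature":"EXAMPLE constructed rule A","severity":2}}
{"timestamp":"2024-01-01T10:00:02.000000+0000","event_type":"alert","src_ip":"198.51.100.7","dest_ip":"192.0.2.10","alert":{"signature_id":1000002,"signature":"EXAMPLE constructed rule B","severity":1}}
{"timestamp":"2024-01-01T10:00:03.000000+0000","event_type":"alert","src_ip":"198.51.100.5","dest_ip":"192.0.2.11","alert":{"signature_id":1000001,"signature":"EXAMPLE constructed rule A","severity":2}}
{"timestamp":"2024-01-01T10:00:04.000000+0000","event_type":"al
EOF
}

# Reads EVE JSON lines on stdin and prints one tab-separated row per
# signature: count, severity, signature_id, signature (highest count first).
#   -R  read each line as a raw string, so one bad line cannot abort the run
#   -n  do not consume input implicitly; 'inputs' streams it line by line
#   fromjson?  parse the line, silently dropping anything that is not valid JSON
eve_alert_summary() {
  jq -rRn '
    reduce (inputs | fromjson? | select(.event_type == "alert")) as $e ({};
      ($e.alert.signature_id | tostring) as $k
      | .[$k].count += 1
      | .[$k].severity = $e.alert.severity
      | .[$k].signature = $e.alert.signature)
    | to_entries
    | sort_by(-.value.count, .value.severity)
    | .[]
    | [.value.count, .value.severity, .key, .value.signature]
    | @tsv'
}
```

Because the input is streamed with `inputs` rather than slurped, the function can be run against a large eve.json without loading the whole file into memory.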
Please refer to the docs for the full instructions.
Download directly from the following link:
How to execute
This article was contributed by Gavin Dennis from Jamaica. Gavin is a member of the Caribbean CSPA.