Suricata - High Performance Network IDS, IPS and Network Security Monitoring engine.

Overview

Suricata is a high-performance Network IDS, IPS and Network Security Monitoring engine. It is open source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF and its supporting

How to install

To use this tool, please use a method listed below

On Linux (Debian-based OS), run the following command(s).

It's assumed that you're running a recent Ubuntu release, as the official PPA can be used for the installation.

Installation steps:

sudo add-apt-repository ppa:oisf/suricata-stable

sudo apt update

sudo apt install suricata jq

The dedicated PPA repository is added, and after updating the index, Suricata can be installed. We recommend installing the jq tool at this time as it will help with displaying information from Suricata’s EVE JSON output (described later in this guide).
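To show what jq does with EVE JSON output, here is an added example (not part of the original article or the Suricata documentation) that counts alerts per signature. The function names and the sample events are constructed for illustration; the field names and the default log path /var/log/suricata/eve.json are the ones Suricata uses.

```shell
#!/usr/bin/env bash
# Added example: summarise alert events from Suricata's EVE JSON log with jq.
# EVE is newline-delimited JSON: one event object per line.

# Constructed sample events (documentation IP ranges, made-up signatures).
# The last line is cut off on purpose, as happens when the log is read
# while Suricata is still writing to it.
sample_eve() {
cat <<'EOF'
{"timestamp":"2024-01-01T10:00:00.000000+0000","event_type":"alert","src_ip":"192.0.2.10","dest_ip":"198.51.100.5","alert":{"signature_id":1000001,"signature":"EXAMPLE test rule A","severity":2}}
{"timestamp":"2024-01-01T10:00:01.000000+0000","event_type":"dns","src_ip":"192.0.2.10","dest_ip":"198.51.100.53","dns":{"type":"query","rrname":"example.com"}}
{"timestamp":"2024-01-01T10:00:02.000000+0000","event_type":"alert","src_ip":"192.0.2.11","dest_ip":"198.51.100.5","alert":{"signature_id":1000001,"signature":"EXAMPLE test rule A","severity":2}}
{"timestamp":"2024-01-01T10:00:03.000000+0000","event_type":"alert","src_ip":"192.0.2.10","dest_ip":"198.51.100.7","alert":{"signature_id":1000002,"signature":"EXAMPLE test rule B","severity":1}}
{"timestamp":"2024-01-01T10:00:04.0
EOF
}

# Print one tab-separated row per signature, busiest first:
#   count <TAB> signature_id <TAB> signature <TAB> distinct source IPs
# Reads EVE lines from stdin, or from the file(s) given as arguments.
alert_summary() {
  # -R reads raw lines and fromjson? drops any line that is not valid JSON,
  # so a truncated final record does not abort the whole summary.
  jq -nRr '
    [ inputs | fromjson?
      | select(type == "object" and .event_type == "alert") ]
    | group_by(.alert.signature_id)
    | map({ count:   length,
            sid:     .[0].alert.signature_id,
            sig:     .[0].alert.signature,
            sources: (map(.src_ip) | unique | length) })
    | sort_by(-.count)
    | .[]
    | [.count, .sid, .sig, .sources]
    | @tsv
  ' "$@"
}

# Run against the constructed sample. On a live sensor, use instead:
#   sudo cat /var/log/suricata/eve.json | alert_summary
sample_eve | alert_summary || echo "jq is required: sudo apt install jq" >&2
```

Non-alert events (the dns record here) and the truncated last line are skipped, so the summary only counts complete alert records.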

For the installation on other systems or to use specific compile options see Installation.

After installing Suricata, you can check what version of Suricata you have running and with what options as well as the service state:

 

sudo suricata --build-info

sudo systemctl status suricata

 

Please refer to the docs for the full instructions

 

Download directly from the following link:

 

How to execute

**Pending**

 

Reference(s):

 

Next steps:

 

This article was contributed by Gavin Dennis from Jamaica. Gavin is a member of the Caribbean CSPA.
