👁 Image
This article or section needs language, wiki syntax or style improvements. See Help:Style for reference.
Reason: Multiple style issues. See Help:Style (Discuss in Talk:Suricata)
From the project home page:
- Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF and its supporting vendors.
Installation
Install the suricataAUR package.
Configuration
The main configuration file is /etc/suricata/suricata.yaml.
You should change the following parts of the configuration in order to make it run:
default-log-dir: /var/log/suricata/ # where you want to store log files classification-file: /etc/suricata/classification.config reference-config-file: /etc/suricata/reference.config HOME_NET: "[10.0.0.0/8]" # your local network host-os-policy: .. # according to the OS running the ips magic-file: /usr/share/file/misc/magic.mgc
Web interface
You may use Scirius CE [1] or SELKS [2] as web interface for rule management, log analysis, and other sensor management options.
Starting Suricata
Manual startup
You may start the suricata service manually with:
# /usr/bin/suricata -c /etc/suricata/suricata.yaml -i eth0
systemd service configuration
To start Suricata automatically at system boot, enable suricata.service.
Retrieved from "https://wiki.archlinux.org/index.php?title=Suricata&oldid=754887"
Hidden category: