Suricata

Version: Suricata 2.0.11

Suricata is an open-source intrusion detection system (IDS). It is a high-performance network IDS, IPS and network security monitoring engine.

Netsurion Data Source Integrations for Suricata allow you to monitor the following components:

  • Security – Suspicious network activities, and any change in privileges on user logon/authentication activities (logon, logoff).

Once Suricata is configured to deliver events to Netsurion Open XDR Manager, alerts, dashboards and reports can be configured in Netsurion Open XDR.

The following key Data Source Integration components are available in Netsurion Open XDR.

Alerts

| Type | Name | Description |
|------|------|-------------|
| Security | Suricata – High priority alert generated | This alert is generated when a highest-priority (1) alert has occurred in Suricata IDS. |

Reports

| Type | Name | Description |
|------|------|-------------|
| Security | Suricata – Alert analysis | This report provides information about alerts detected by Suricata IDS. |

Documentation

The configuration details are consistent with Netsurion Open XDR 7.x and later, and Suricata 2.0.11.

Download the Integration Guide for configuration instructions and more information.