Suricata
Version: Suricata 2.0.11
Suricata is an open-source intrusion detection system (IDS): a high-performance network IDS, IPS and network security monitoring engine.
Netsurion Data Source Integrations for Suricata allows you to monitor the following components:
- Security – Suspicious network activities, and any change in privileges on user logon/authentication activities (logon, logoff).
Once Suricata is configured to deliver events to Netsurion Open XDR Manager, alerts, dashboards and reports can be configured in Netsurion Open XDR.
The following are the key Data Source Integrations available in Netsurion Open XDR.
Alerts
Type | Name | Description |
---|---|---|
Security | Suricata – High priority alert generated | This alert is generated when a highest-priority (1) alert has occurred in Suricata IDS. |
Reports
Type | Name | Description |
---|---|---|
Security | Suricata – Alert analysis | This report provides information related to alerts which were detected by Suricata IDS. |
Documentation
The configuration details are consistent with Netsurion Open XDR 7.x and later, and Suricata 2.0.11.
Download the Integration Guide for configuration instructions and more information.