{"id":4432,"date":"2019-03-09T18:15:07","date_gmt":"2019-03-09T17:15:07","guid":{"rendered":"https:\/\/nil.uniza.sk\/?p=4432"},"modified":"2019-05-25T14:51:07","modified_gmt":"2019-05-25T12:51:07","slug":"installation-of-suricata","status":"publish","type":"post","link":"https:\/\/nil.uniza.sk\/en\/installation-of-suricata\/","title":{"rendered":"Installation of Suricata"},"content":{"rendered":"<h1>Installation and basic setup of Suricata<\/h1>\n<p>First, add the latest stable Suricata repository to APT:<\/p>\n<pre><code>sudo add-apt-repository ppa:oisf\/suricata-stable\nsudo apt-get update<\/code><\/pre>\n<p>Now you can either install Suricata with:<\/p>\n<pre><code>sudo apt-get install suricata<\/code><\/pre>\n<p>or the Suricata package with built-in (enabled) debugging:<\/p>\n<pre><code>sudo apt-get install suricata-dbg<\/code><\/pre>\n<h3>Basic setup<\/h3>\n<p>Start by creating a directory for Suricata&#8217;s log information:<\/p>\n<pre><code>sudo mkdir \/var\/log\/suricata<\/code><\/pre>\n<p>Then create the directory that will hold Suricata&#8217;s configuration files:<\/p>\n<pre><code>sudo mkdir \/etc\/suricata<\/code><\/pre>\n<p>The next step is to copy <em>classification.config<\/em>, <em>reference.config<\/em> and <em>suricata.yaml<\/em> from the base <em>build\/installation<\/em> directory (e.g. for a git checkout, this is the oisf directory) to the <em>\/etc\/suricata<\/em> directory. 
Do so by entering the following:<\/p>\n<pre><code>sudo cp classification.config \/etc\/suricata\nsudo cp reference.config \/etc\/suricata\nsudo cp suricata.yaml \/etc\/suricata<\/code><\/pre>\n<h3>Auto setup<\/h3>\n<p>You can also use the available auto setup features of Suricata:<\/p>\n<p>The make <em>install-conf<\/em> option will do the regular &#8222;make install&#8220; and then automatically create and set up all the necessary directories and <em>suricata.yaml<\/em>.<\/p>\n<pre><code>.\/configure &amp;&amp; make &amp;&amp; make install-conf<\/code><\/pre>\n<p>The make <em>install-rules<\/em> option will do the regular &#8222;make install&#8220; and then automatically download and set up the latest ruleset from Emerging Threats available for Suricata.<\/p>\n<pre><code>.\/configure &amp;&amp; make &amp;&amp; make install-rules<\/code><\/pre>\n<p>The make <em>install-full<\/em> option combines everything mentioned above (install-conf and install-rules) and will present you with a ready-to-run (configured and set up) Suricata:<\/p>\n<pre><code>.\/configure &amp;&amp; make &amp;&amp; make install-full<\/code><\/pre>\n<h3>Source:<\/h3>\n<p><a href=\"https:\/\/redmine.openinfosecfoundation.org\/projects\/suricata\/wiki\/Ubuntu_Installation\">Suricata &#8211; Ubuntu installation<\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>Installation and basic setup of Suricata First, add the latest stable Suricata repository to APT: sudo add-apt-repository ppa:oisf\/suricata-stable sudo apt-get update Now you can either install Suricata with: sudo apt-get install suricata or the Suricata package with built-in (enabled) debugging sudo apt-get install suricata-dbg Basic setup Start with creating a directory for Suricata&#8217;s log 
information&#8230;.<\/p>","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"footnotes":""},"categories":[707],"tags":[914],"class_list":["post-4432","post","type-post","status-publish","format-standard","hentry","category-network-security-en","tag-suricata"],"taxonomy_info":{"category":[{"value":707,"label":"Network security"}],"post_tag":[{"value":914,"label":"suricata"}]},"featured_image_src_large":false,"author_info":{"display_name":"Miroslav Koh\u00fatik","author_link":"https:\/\/nil.uniza.sk\/en\/author\/miroslav-kohutik\/"},"comment_info":8,"category_info":[{"term_id":707,"name":"Network security","slug":"network-security-en","term_group":0,"term_taxonomy_id":705,"taxonomy":"category","description":"","parent":0,"count":4,"filter":"raw","cat_ID":707,"category_count":4,"category_description":"","cat_name":"Network 
security","category_nicename":"network-security-en","category_parent":0}],"tag_info":[{"term_id":914,"name":"suricata","slug":"suricata","term_group":0,"term_taxonomy_id":912,"taxonomy":"post_tag","description":"","parent":0,"count":6,"filter":"raw"}],"_links":{"self":[{"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/posts\/4432","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/comments?post=4432"}],"version-history":[{"count":0,"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/posts\/4432\/revisions"}],"wp:attachment":[{"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/media?parent=4432"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/categories?post=4432"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/tags?post=4432"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}