Suricata 1.4.4 Released – A Network Intrusion Detection, Prevention and Security Monitoring System

Download all articles in PDF format with our TecMint Content Subscription and Linux Support Services starting at $10 per month.

Support TecMint: Did you find this tutorial helpful?. Please help to keep it alive by donating. Every cent counts! - Donate Now

Ravi Saive

I am Ravi Saive, creator of TecMint. A Computer Geek and Linux Guru who loves to share tricks and tips on Internet. Most Of My Servers runs on Open Source Platform called Linux. Follow Me: Twitter, Facebook and Google+

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

Receive Your Free Complimentary eBook NOW! -

Download Free Linux eBooks

Advanced Bash-Scripting Guide
Linux Bible
A Newbie's Getting Started Guide to Linux
Introduction to Linux - A Hands on Guide

You may also like...

10 Responses

  1. rishi says:

    Hi there

    can you shed some light on suricata rules update, Below are the following doubts

    1. i wantto configure VRT rules with suricata
    2. when ever i download the rules , do i need to update the suricata.yaml file with the rule name

    Thanks

    • Ravi Saive says:

      @Rishi,
      I think yes, you should update the suricata.yaml file after every change you make..never tried this, but you should try and update us..

  2. Anil says:

    Hi Sir,

    Please tell me that can I install suricata on RHEL5.

    ——————
    Regards
    Anil

  3. Muhammad Asif says:

    How to get rid of this issue.

    22/9/2014 — 10:57:49 – – [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] – opening rule file /etc/suricata/rules/dns-events.rules: No such file or directory.
    22/9/2014 — 10:57:56 – – [ERRCODE: SC_ERR_NOT_SUPPORTED(225)] – Eve-log support not compiled in. Reconfigure/recompile with libjansson and its development files installed to add eve-log support.
    22/9/2014 — 10:57:56 – – [ERRCODE: SC_ERR_PCAP_CREATE(21)] – Using Pcap capture with GRO or LRO activated can lead to capture problems.

    • Bernard Parinas says:

      ERRCODE 41 copy dns-events.rules from the extracted suricata source to /etc/suricata/rules/
      cp -r ~/suricata-version/rules/dns-events.rules /etc/suricata/rules/

      ERRCODE 225 compile libjansson from source before you install suricata:
      compile libjansson from source:
      wget http://www.digip.org/jansson/releases/jansson-2.7.tar.gz
      tar xzvf jansson-2.7.tar.gz
      cd jansson-2.7
      ./configure
      make
      make check
      sudo make install

      ERRCODE 21 to fix GRO & LRO warnings:
      sudo ethtool -K bond1 gro off
      sudo ethtool -K bond1 lro off

  4. steve says:

    hi
    The suricata run cmd gives undefined symbol:
    htp_config_set_query_case_insensitive

    – what is missing please?:

    root@LinuxLaptop:/home/stevee# suricata -c /etc/suricata/suricata.yaml -i eth0

    5/4/2014 — 13:18:16 – – This is Suricata version 1.4.4 RELEASE
    5/4/2014 — 13:18:16 – – CPUs/cores online: 2
    suricata: symbol lookup error: suricata: undefined symbol: htp_config_set_query_case_insensitive

  5. Pavan says:

    Hi Dude,

    You mentioned about email alerts but there is no configuration given. can you please tell me how to configure alerts.

    Thanks,
    Pavan

    • Ravi Saive says:

      I’ve checked dude, links are working correctly, can you download manually using wget command and then install it.

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

Join Over 95000+ Linux Users
  1. 77,543
  2. 4,213
  3. 35,218

Enter your email to get latest Linux Howto's