Suricata 1.4.4 Released – A Network Intrusion Detection, Prevention and Security Monitoring System

If you have any questions or problems regarding this article and want help within 24 Hours? Ask Now

Ravi Saive

Simple Word a Computer Geek and Linux Guru who loves to share tricks and tips on Internet. Most Of My Servers runs on Open Source Platform called Linux.

Receive Your Free Complimentary eBook NOW! -

Download Free Linux eBooks

Advanced Bash-Scripting Guide
Linux Bible
A Newbie's Getting Started Guide to Linux
Ubuntu Linux Toolbox: 1000+ Commands

You may also like...

10 Responses

  1. rishi says:

    Hi there

    can you shed some light on suricata rules update, Below are the following doubts

    1. i wantto configure VRT rules with suricata
    2. when ever i download the rules , do i need to update the suricata.yaml file with the rule name

    Thanks

    • Ravi Saive says:

      @Rishi,
      I think yes, you should update the suricata.yaml file after every change you make..never tried this, but you should try and update us..

  2. Anil says:

    Hi Sir,

    Please tell me that can I install suricata on RHEL5.

    ——————
    Regards
    Anil

  3. Muhammad Asif says:

    How to get rid of this issue.

    22/9/2014 — 10:57:49 – – [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] – opening rule file /etc/suricata/rules/dns-events.rules: No such file or directory.
    22/9/2014 — 10:57:56 – – [ERRCODE: SC_ERR_NOT_SUPPORTED(225)] – Eve-log support not compiled in. Reconfigure/recompile with libjansson and its development files installed to add eve-log support.
    22/9/2014 — 10:57:56 – – [ERRCODE: SC_ERR_PCAP_CREATE(21)] – Using Pcap capture with GRO or LRO activated can lead to capture problems.

    • Bernard Parinas says:

      ERRCODE 41 copy dns-events.rules from the extracted suricata source to /etc/suricata/rules/
      cp -r ~/suricata-version/rules/dns-events.rules /etc/suricata/rules/

      ERRCODE 225 compile libjansson from source before you install suricata:
      compile libjansson from source:
      wget http://www.digip.org/jansson/releases/jansson-2.7.tar.gz
      tar xzvf jansson-2.7.tar.gz
      cd jansson-2.7
      ./configure
      make
      make check
      sudo make install

      ERRCODE 21 to fix GRO & LRO warnings:
      sudo ethtool -K bond1 gro off
      sudo ethtool -K bond1 lro off

  4. steve says:

    hi
    The suricata run cmd gives undefined symbol:
    htp_config_set_query_case_insensitive

    – what is missing please?:

    root@LinuxLaptop:/home/stevee# suricata -c /etc/suricata/suricata.yaml -i eth0

    5/4/2014 — 13:18:16 – – This is Suricata version 1.4.4 RELEASE
    5/4/2014 — 13:18:16 – – CPUs/cores online: 2
    suricata: symbol lookup error: suricata: undefined symbol: htp_config_set_query_case_insensitive

  5. Pavan says:

    Hi Dude,

    You mentioned about email alerts but there is no configuration given. can you please tell me how to configure alerts.

    Thanks,
    Pavan

    • Ravi Saive says:

      I’ve checked dude, links are working correctly, can you download manually using wget command and then install it.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Join Over 75000+ Linux Users
  1. 51334
  2. 2657
  3. 16705

Enter your email to get latest Linux Howto's