Welcome to the Aanval Wiki. Snort, Suricata and Syslog Intrusion Detection, Situational Awareness and Risk Management.
Visit http://www.aanval.com/ for more information.
Suricata is an open-source intrusion detection system (IDS) developed by the Open Information Security Foundation (OISF). A beta version was released in December 2009, and the first standard release followed in July 2010.
Using Suricata with Aanval
Since Suricata writes events in the Unified2 format, Barnyard2 is needed to parse those events from Unified2 into a Snort or MySQL database, which Aanval then reads.
- To connect Suricata sensors to Aanval, first visit Snort Settings and configure the Snort or MySQL database that the Suricata data is being written to.
(See How do I create a database? for instructions on creating a database.)
- Once the database is configured, visit Sensor Configuration to set up the active Suricata sensors on that database.
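Barnyard2's role in this chain is to read the Unified2 spool file that Suricata writes; the reader below, added here as an example (it is not code from Aanval, Suricata or Barnyard2), shows what that involves: decoding the legacy IPv4 event (type 7) and packet (type 2) records, keeping unknown record types intact, and stopping at a record the sensor has not finished writing. It runs on a constructed sample spool rather than a real file.

```python
import socket
import struct
# Record types from Snort's Unified2 definitions; Suricata's unified2-alert output writes the same
UNIFIED2_PACKET = 2
UNIFIED2_IDS_EVENT = 7        # legacy IPv4 event, 52-byte body
RECORD_HEADER = struct.Struct("!II")      # record type, body length; every field is big-endian
IDS_EVENT = struct.Struct("!11I2H4B")     # 52 bytes
PACKET_HEADER = struct.Struct("!7I")      # 28 bytes, then the captured packet bytes
EVENT_FIELDS = ("sensor_id", "event_id", "event_second", "event_microsecond",
                "signature_id", "generator_id", "signature_revision",
                "classification_id", "priority_id", "ip_source", "ip_destination",
                "sport_itype", "dport_icode", "protocol", "impact_flag", "impact", "blocked")
PACKET_FIELDS = ("sensor_id", "event_id", "event_second", "packet_second",
                 "packet_microsecond", "linktype", "packet_length")

def parse_unified2(blob):
    """Yield (record_type, record_dict) for each complete record in blob."""
    offset = 0
    while offset + RECORD_HEADER.size <= len(blob):
        rtype, length = RECORD_HEADER.unpack_from(blob, offset)
        start = offset + RECORD_HEADER.size
        body = blob[start:start + length]
        if len(body) < length:
            break  # truncated tail: the sensor may still be appending, so wait rather than mis-parse
        if rtype == UNIFIED2_IDS_EVENT and length == IDS_EVENT.size:
            rec = dict(zip(EVENT_FIELDS, IDS_EVENT.unpack(body)))
            for key in ("ip_source", "ip_destination"):
                rec[key] = socket.inet_ntoa(struct.pack("!I", rec[key]))
        elif rtype == UNIFIED2_PACKET and length >= PACKET_HEADER.size:
            rec = dict(zip(PACKET_FIELDS, PACKET_HEADER.unpack_from(body)))
            rec["packet_data"] = body[PACKET_HEADER.size:]
        else:
            rec = {"raw": body}  # unknown type: keep the bytes rather than silently drop the record
        yield rtype, rec
        offset = start + length

def _record(rtype, body):
    return RECORD_HEADER.pack(rtype, len(body)) + body

def _ip(dotted):
    return struct.unpack("!I", socket.inet_aton(dotted))[0]

# Constructed sample spool (not real sensor output): one event, its packet, then a record cut off mid-write
SAMPLE = (
    _record(UNIFIED2_IDS_EVENT, IDS_EVENT.pack(
        1, 42, 1700000000, 123456, 1000001, 1, 3, 3, 2,
        _ip("10.0.0.5"), _ip("192.0.2.10"), 40000, 80, 6, 0, 0, 0))
    + _record(UNIFIED2_PACKET, PACKET_HEADER.pack(
        1, 42, 1700000000, 1700000000, 123456, 1, 4) + b"\x45\x00\x00\x28")
    + RECORD_HEADER.pack(UNIFIED2_IDS_EVENT, IDS_EVENT.size) + b"\x00" * 10)
```

Pointing `parse_unified2` at the bytes of a real `unified2.alert` file yields the same event and packet dictionaries that Barnyard2 turns into database rows.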