Continuing the discussion from Road to NS 7 RC:
Let’s make this simple howto!
Great work!
Anyone want to test the suricata package? @quality_team
@jackyes @rasi @JOduMonT @Linux4All @fasttech @EddieA @Adam @Adam_S are the right guys for this task!
Will it work off a tap? Or only on traffic that passes through the server?
Great!
In this case, because ELK stack must be installed, can we resume the following topic?
Improve Mail Log Viewer and Query
Improve Mail Log Viewer and Query - #24 by alefattorini
( Tipstuff.org - TIPSTUFF.ORG )
TIA,
Gabriel
BTW great work @Stll0 
It works only if the server is the firewall of the network.
Software Center says nethserver-snort; my search result for the package is old. Where is suricata?
Do you have some free time?
All done!
This might be of interest to users - I released a new version of EveBox last week that can work without an external database. Instead it can use an embedded SQLite database. Provided you have Suricata logging to /var/log/suricata/eve.log, all you need is the EveBox binary and you can do something like `evebox server --datastore sqlite --input /var/log/suricata/eve.json`.
Anyways, just FYI as it's useful in environments where Elastic Search is not an option.
@jasonish thanks for jumping into the community
Suricata_IDS core developer?