Suricata-IDS GUI

hack3rcon · 07-20-2015, 09:08 AM

Hello.
I installed Suricata-IDS on CentOS 7 via below Link :

https://redmine.openinfosecfoundatio...7_Installation

How can I manage it via a GUI tool?

Thank you.

unSpawn · 07-20-2015, 04:32 PM

Suricata may be security related but your question is about using an unspecified GUI, which is not. Since you ask questions, again without showing any effort at all, tell us which GUIs you have found for this IDS, if you have read their documentation, if you installed any and where you got stuck. Also note GUIs are no substitute for practical knowledge: best first get familiar with what you run.

rporro · 10-19-2015, 10:05 PM

If your question is a GUI for managing it, I don't know any, but if the gui you are looking for is for the logs I can recommend even snorby (which is a nice but limited interface) or ELK (Elasticsearch + Logstash + Kibana which in my humble opinion is a way better and lighter interface and more configurable). There is also Sguill (haven't tested yet) and Base (which is a simple and nice interface, I will recomend this if you want tu use suricata as IPS in your local pc), maybe there are more GUI's but those are the ones I know, also like in my case which installed it in my laptop as firewall I use conky to read the logs every 5 secs to be notified about any attempt of network scan or many other things you may found in your network.

Habitual · 10-20-2015, 11:02 AM

Quote:

Originally Posted by Thor_2.0

I use one tool: discipline...that and a debug strategy...errors will light up the room

This struck me as apropos.
I'm not sure you have any.

////// · 10-22-2015, 09:14 AM

only GUI that i know of is pfSense's suricata package, if u have spare computer install pfSense in it.