Can you share the presentation file, please?
I use Suricata for Windows servers, but it uses a lot of memory and disk space on my servers. When I try to configure it based on the documentation, the adjustments don't work.
I'm thinking about replacing it with Snort. What do you say?
Hey, I'm working on an IDS using Suricata with Filebeat and ELK. I have 2 VMs, the 1st with ELK/Kibana and the 2nd with Suricata and Filebeat. I want to add Wazuh to this config. Would it be possible?
How do we save the changes we made in the configuration, and how do we find the text?
If you're following the instructions in this video and using Vim, you can save the changes made to the configuration file by pressing "Esc" to exit "Insert" mode then ":w" to write your changes.
To search the file for specific text, you will use "/$word" then press the "return" or "enter" key. The example in the video is "/af-packet".
If you're unfamiliar with Vim, we suggest checking out these videos:
- th-cam.com/video/bR5bZriaOVU/w-d-xo.htmlsi=c2RKmH81QW0NXD9P
- th-cam.com/video/zE0hno3vV9M/w-d-xo.htmlsi=C8CE35M1BPPgMSry
Suricata logs on the Wazuh dashboard are not looking convincing and are more confusing.
Suricata or Snort?
I'm team Suricata
How can Suricata work the same as Snort?
sudo snort -A console -q -u snort -g snort -c /etc/snort/snort.conf -i wlp0s20f3