What is Suricata?
Suricata is an open source IDS/IPS (Intrusion Detection and Prevention System) developed by the OISF (Open Information Security Foundation).
Suricata analyzes traffic on one or more network interfaces according to the rules that have been activated (e.g. the Emerging Threats Open ruleset) and generates a message for each event that matches one of those rules. These messages can be sent to the ServicePilot web interface in real time via syslog.
Suricata Syslog monitoring
This package performs a pre-built search that counts Suricata events by severity, and includes a template dashboard that automatically analyzes the Suricata syslog messages sent to ServicePilot.
The built-in dashboard displays Suricata events by type, the top alert messages and signatures, and alert classifications over time.
Sending Suricata events to ServicePilot as syslog messages provides a web-based console for viewing Suricata events, with built-in customizable dashboards, alerts and PDF reports, as well as other ServicePilot features such as machine learning algorithms, tactical monitoring maps and custom searches.
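The aggregation the package performs (events counted by severity, classification and top message) can be reproduced on raw syslog lines. The following is an added example, not ServicePilot's or Suricata's own code; it assumes the alerts arrive in Suricata's "fast"-style alert layout relayed over syslog, and the sample lines, rule ids and addresses are constructed placeholders.

```python
import re
from collections import Counter

# Assumed line layout (Suricata "fast"-style alert relayed via syslog; not
# specified by the page): any syslog prefix, then
#   [gid:sid:rev] <msg> [**] [Classification: <class>] [Priority: <n>] {<proto>} <src> -> <dst>
ALERT_RE = re.compile(
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]"
    r"(?:\s+\[Classification:\s*(?P<classification>[^\]]*)\])?"
    r"\s+\[Priority:\s*(?P<priority>\d+)\]"
    r"\s+\{(?P<proto>[^}]+)\}\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)"
)

# Suricata priority 1 is the most severe; 3 is the default for most rules.
# The severity labels are this example's own choice.
SEVERITY = {1: "high", 2: "medium", 3: "low"}

def parse_alert(line):
    """Return a dict for a Suricata alert line, or None for any other syslog line."""
    m = ALERT_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["priority"] = int(rec["priority"])
    rec["severity"] = SEVERITY.get(rec["priority"], "info")
    rec["classification"] = rec["classification"] or "(none)"
    return rec

def summarize(syslog_text, top_n=3):
    """Aggregate alerts by severity, classification and message, as the dashboard does."""
    alerts = [a for a in map(parse_alert, syslog_text.splitlines()) if a]
    return {
        "total": len(alerts),
        "by_severity": Counter(a["severity"] for a in alerts),
        "by_classification": Counter(a["classification"] for a in alerts),
        "top_messages": Counter(a["msg"] for a in alerts).most_common(top_n),
    }

# Constructed sample syslog lines; rule ids, hostnames and addresses are placeholders.
SAMPLE_SYSLOG = """\
Mar  3 10:15:01 sensor1 suricata[1234]: [1:1000001:2] EXAMPLE Suspicious User-Agent [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 10.0.0.5:51234 -> 203.0.113.7:80
Mar  3 10:15:02 sensor1 suricata[1234]: [1:1000002:1] EXAMPLE Possible SSH brute force [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 198.51.100.9:40022 -> 10.0.0.22:22
Mar  3 10:15:03 sensor1 suricata[1234]: [1:1000001:2] EXAMPLE Suspicious User-Agent [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 10.0.0.6:51300 -> 203.0.113.7:80
Mar  3 10:15:04 sensor1 suricata[1234]: [1:1000003:1] EXAMPLE ICMP echo sweep [**] [Classification: Misc activity] [Priority: 3] {ICMP} 10.0.0.7:8 -> 10.0.0.1:0
Mar  3 10:15:05 sensor1 kernel: unrelated message that must be ignored
"""

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_SYSLOG).items():
        print(f"{key}: {value}")
```

Lines that do not carry a Suricata alert (the kernel message above) are skipped rather than counted, which is what a severity count over a mixed syslog feed needs.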