btw, the rules folder for freshly ubuntu vm are stored in usr/share/suricata/rules .. others will face this error when they want to edit the local.rules. Just simply change the mentioned directories ..
weird, I recently installed ubuntu 22.04, and Suricata, and the rules files are in the /var/lib/suricata/rules directory: sudo ls -la /var/lib/suricata/rules/ total 27580 drwxr-x--- 2 root root 4096 Mar 27 19:45 . drwxr-xr-x 4 root root 4096 Mar 27 19:45 .. -rw-r--r-- 1 root root 3228 Mar 27 19:45 classification.config -rw-r--r-- 1 root root 28229228 Mar 27 19:45 suricata.rules
I get an error for the update at 11:14 mark [ERRCODE: SC_ERR_CONF_YAML_ERROR(242)] - The configuration file must begin with the following two lines: %YAML 1.1 and ---
Hello, firstly thanks for the video you provided its a big help but i am facing a problem is that the rules i set customly for icmp ping its not working and not generating any alert as you does why is it? your response will be very helpful
First: A big thanksgiving for that great video(s) about Suricata und IDS, now I unterstand it also👍👍👍 But when I want to monitor(not Control) all the traffic that are going in and out of my network I must run the Suricata IDS on a Firewall or router or something like this where the traffic goes trough?
If there are idiots out there like me. You are not supposed to write "1" in the beginning of the rule. You can check the there is any syntax error of the rule with "suricata -c /etc/suricata/suricata.yaml -i [INTERFACE]"
Hi. I managed to install Suricata on VMWare and it has successfully captured ping/icmp packet destinate to it. But it didn't capture any network traffic. Any suggestion?
Hello sir. I try update my rule set in suricata. But after give the update-suricata command i got the following error. Err Code: SC_ERR_CONF_YAML_ERROR(242) Can you help me to how to handle this error
This video can't get enough likes! You helped me work out the bugs in my suricata install, thank you!
Great video. You are producing some excellent content as I'm studying cybersecurity. Many thanks and much appreciated. Keep up the good work.
Thank you for this detailed video on how to install suricata and configure it. Really helped with my final year project in uni
btw, the rules folder for freshly ubuntu vm are stored in usr/share/suricata/rules .. others will face this error when they want to edit the local.rules. Just simply change the mentioned directories ..
Thanks a million
weird, I recently installed ubuntu 22.04, and Suricata, and the rules files are in the /var/lib/suricata/rules directory:
sudo ls -la /var/lib/suricata/rules/
total 27580
drwxr-x--- 2 root root 4096 Mar 27 19:45 .
drwxr-xr-x 4 root root 4096 Mar 27 19:45 ..
-rw-r--r-- 1 root root 3228 Mar 27 19:45 classification.config
-rw-r--r-- 1 root root 28229228 Mar 27 19:45 suricata.rules
Thanks alot for this video. It helped me to do my first configuration of Suricata
New Sub!!! Up and running 2024, so much better then snort
This was indeed a high quality content. Thanks!
thank you for sharing this knowledge I look forward to taking more classes from you.
I get an error for the update at 11:14 mark [ERRCODE: SC_ERR_CONF_YAML_ERROR(242)] - The configuration file must begin with the following two lines: %YAML 1.1 and ---
Hello, firstly thanks for the video you provided its a big help but i am facing a problem is that the rules i set customly for icmp ping its not working and not generating any alert as you does why is it? your response will be very helpful
Brilliant having the "Register for Part 2" pop up right after an easily edited whoopsie.
Thank you sir... You made my day
First: A big thanksgiving for that great video(s) about Suricata und IDS, now I unterstand it also👍👍👍
But when I want to monitor(not Control) all the traffic that are going in and out of my network I must run the Suricata IDS on a Firewall or router or something like this where the traffic goes trough?
If there are idiots out there like me. You are not supposed to write "1" in the beginning of the rule. You can check the there is any syntax error of the rule with "suricata -c /etc/suricata/suricata.yaml -i [INTERFACE]"
Hi. I managed to install Suricata on VMWare and it has successfully captured ping/icmp packet destinate to it. But it didn't capture any network traffic. Any suggestion?
When you'll upload next video of suricata??
Thanks for this!
Its finally here
ruclips.net/user/shortsNlhBppjxnqs?feature=share
love this man
When I install suricata I do not have config files in /etc/suricata. How to fix that?
Hello sir. I try update my rule set in suricata. But after give the update-suricata command i got the following error. Err Code: SC_ERR_CONF_YAML_ERROR(242)
Can you help me to how to handle this error
Hi Salinda
Did you find a solution for this error
thank you
But Suricata doesn't have a Web UI? I think I saw something about that
Definitely is quality content
If you are trying to make the flow ID lees predictable then don't use the default seed of 0.
Hi sir, can you also do a tutorial on ELK installation please. Thank you
I agree. You know we like to see pretty graphs.
Thank you!
Just brilliant!!
Really great !
it's very helpful
Hi sir I am new subscriber
External_Net != Home_net what about broadcast & multicast?
uhh? if you provide the correct gateway/CIDR . everything should be good .
I like always your video
Beautiful!
Great video!!!!!
Thanks for the video =)
Great video..!!!!
Thank you for the video. I have the rules only in /usr/share/suricata/rules. How can I get in them in default-rule-path: /var/lib/suricata/rules?
i am also facing the same problem. How you managed>??
actually all your rules that are in /usr/share/suricata/rules are compiled in /var/lib/suricata/rules suricata.rules
14:00
Great!
عاشت ايدك
tq sir
would give 100 likes if I could
F
first comment
I saw the logs. I'm a lumberjack and you're not 🙂 zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz.