Update Package Lists:
sudo apt update
Install Suricata:
sudo apt install suricata
Configure Suricata:
The main configuration file for Suricata is located at /etc/suricata/suricata.yaml. You may want to customize this file based on your network setup. Here’s a basic example of how to open it in a text editor:
sudo nano /etc/suricata/suricata.yaml
Start Suricata:
sudo suricata -c /etc/suricata/suricata.yaml -i your_network_interface
Replace your_network_interface with the appropriate network interface name, such as eth0.
Verify Suricata Status: You can check if Suricata is running and processing traffic by using the following command:
sudo suricata --list-runmodes
Monitoring Suricata: Suricata provides logs in the /var/log/suricata/ directory. Check the logs for any alerts or issues. For example:
tail -f /var/log/suricata/fast.log
Automatically Start Suricata on Boot: To ensure Suricata starts automatically when the system boots, enable the Suricata service:
sudo systemctl enable suricata
To start the Suricata service right away, without rebooting, you can use:
sudo systemctl start suricata
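Once alerts accumulate in /var/log/suricata/fast.log (the monitoring step above), a per-signature summary is easier to triage than the raw tail output. The script below is an added example, not part of the original post; the function names, the sample alert lines, their sids and their messages are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): summarise Suricata fast.log.
# Usage: summarize_fast_log FILE [MAX_PRIORITY]
# Output: count<TAB>priority<TAB>gid:sid:rev<TAB>message, busiest first.
# Priority 1 is the most severe, so MAX_PRIORITY=1 keeps only those alerts.
summarize_fast_log() {
    awk -v max="${2:-255}" '
    {
        # Alert lines look like:
        # time  [**] [gid:sid:rev] msg [**] [Classification: c] [Priority: n] {PROTO} src -> dst
        s = index($0, "[**] [")
        if (s == 0) next                      # not an alert line
        rest = substr($0, s + 6)
        e = index(rest, "] ")
        if (e == 0) next                      # truncated before the signature id closed
        sig = substr(rest, 1, e - 1)
        rest = substr(rest, e + 2)
        m = index(rest, " [**]")
        if (m == 0) next                      # truncated inside the message
        msg = substr(rest, 1, m - 1)
        if (!match(rest, /\[Priority: [0-9]+\]/)) next
        prio = substr(rest, RSTART + 11, RLENGTH - 12) + 0
        if (prio > max + 0) next              # less severe than requested
        count[prio "\t" sig "\t" msg]++
    }
    END { for (k in count) printf "%d\t%s\n", count[k], k }
    ' "$1" | sort -t "$(printf '\t')" -k1,1nr -k2,2n
}

# Constructed sample input: local-range sids, documentation IP addresses.
sample_fast_log() {
    cat <<'EOF'
01/15/2024-10:12:33.123456  [**] [1:1000001:1] EXAMPLE DNS query for test domain [**] [Classification: Potentially Bad Traffic] [Priority: 2] {UDP} 192.0.2.10:53211 -> 198.51.100.53:53
01/15/2024-10:12:34.000100  [**] [1:1000001:1] EXAMPLE DNS query for test domain [**] [Classification: Potentially Bad Traffic] [Priority: 2] {UDP} 192.0.2.11:40112 -> 198.51.100.53:53
01/15/2024-10:12:40.500000  [**] [1:1000002:1] EXAMPLE cleartext credential in HTTP [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 192.0.2.10:51234 -> 203.0.113.8:80
01/15/2024-10:12:41.250000  [**] [1:1000003:1] EXAMPLE ICMP large packet [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.0.2.12:8 -> 203.0.113.9:0
01/15/2024-10:12:42.250000  [**] [1:1000003:1] EXAMPLE ICMP large packet [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.0.2.12:8 -> 203.0.113.9:0
01/15/2024-10:12:50.000000  [**] [1:1000001:1] EXAMPLE DNS query for test domain [**] [Classification: Potentially Bad Traffic] [Priority: 2] {UDP} 192.0.2.10:53300 -> 198.51.100.53:53
01/15/2024-10:13:01.000000  [**] [1:1000001:1] EXAMPLE DNS que
EOF
}
```

After sourcing the file, run `summarize_fast_log /var/log/suricata/fast.log 1` (with sudo if the log is not readable by your user) to list only the most severe alerts.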
That’s it! You now have Suricata installed and running on your Debian 11 system. Remember to adjust the configuration based on your specific requirements and network setup.