| Table of Contents | ||||||
|---|---|---|---|---|---|---|
|
...
Purpose
The firewall injection for Suricata IDS AB is used in the Use Case: Suricata IDS AB. This injection is composed of a short file to provide sample synthetic data on ids.suricata.fasttable and for testing Suricata IDS Activeboard Use Case. The events of the file in the table file is injected continuously (it starts over after injecting the last event) and events are sent at a frequency of 1 second.
Launch Synthetic data
To launch Synthetic data go to Exchange in the navigation pane. Look for Synthetic data and click Launch to install it. Once it is installed, an Open button will display. Click Open so the data injection will start and the data will display.
| Info |
|---|
Stop data injection can always stop the synthetic data injection by clicking on the Stop synthetic data button. |
...
More information
...
Open synthetic data: Injection for Suricata IDS AB
Once the synthetic data has been launched, you can use the Open button at the top right of the card in Exchange to access the search window, where you can check the data table with the synthetic data. You can also access the data table using finders or LINQ via the Navigation pane (Data Search area → Explore your data tab).
...
Use synthetic data: Injection for Suricata IDS AB
After launching the synthetic data, you can use it in various contexts, such as the search window to perform operations to analyze the data, Activeboards to visualize and analyze the data graphically, or alerts to specify conditions to find anomalous events.
Synthetic data included inside a use case perform a key role in it, as they provide the necessary data to successfully understand what the use case intends to demonstrate.