Purpose
Suricata is the leading independent open-source threat detection engine, combining intrusion detection (IDS), intrusion prevention (IPS), network security monitoring (NSM), and PCAP processing. The Suricata IDS Attacks Overview Activeboard allows you to quickly identify, stop, and assess the most sophisticated attacks. You can use it to monitor attacks and intrusion attempts, and to drill down into all collected data.
Pre-requisites
To use the Suricata IDS Attacks Overview Activeboard, you must have the following data sources available on your domain:
ids.suricata.fast
Open Suricata IDS Attacks Overview
Once you have installed the application, you can access the Activeboard in the following ways:
Go to Exchange in the navigation pane and look for the Activeboard you want to open. Click Open.
Go to Activeboards in the navigation pane and use the filter to open the Activeboard you downloaded.
Learn more about Activeboards
Refer to the Manage and filter Activeboards article to learn how to work with Activeboards.
Exploring the Activeboard
See the following video for an overview of the widgets you can find in the Suricata IDS Attacks Overview Activeboard:
Data takes too long to load
Some widgets can take a long time to load their data. You can speed up the process by creating aggregation tasks. Refer to the Aggregation tasks article to learn how to do it.