April 2014

I’ve given a talk entitled “Suricata 2.0, Netfilter and the PRC” at the Hackito Ergo Sum conference.

The talk presents Suricata and the new features available in version 2.0, focusing on the new EVE output and how it can be used with Elasticsearch, Logstash and Kibana. I’ve also shown how ulogd, the Netfilter logging daemon, can be used with Elasticsearch thanks to the new JSON output plugin. Finally, I’ve explained how I’ve discovered an attack schema which originates from systems running in the People’s Republic of China.

You can get the slides here: Suricata 2.0, Netfilter and the PRC

This is the first blog post on the Stamus Networks technical blog. You will find here posts focused on Intrusion Detection Systems and Network Security Monitoring as well as information specific to Suricata or our products.