https://github.com/0snap/suricata-docker
docker container for suricata IDS, builds latest github master.
Last synced: 4 months ago
- Host: GitHub
- URL: https://github.com/0snap/suricata-docker
- Owner: 0snap
- License: mit
- Created: 2019-01-29T07:42:15.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2019-03-15T06:37:39.000Z (over 7 years ago)
- Last Synced: 2025-03-31T07:42:21.965Z (about 1 year ago)
- Language: Dockerfile
- Size: 25.4 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
Suricata Docker
===============
- Builds [Suricata IDS](https://suricata-ids.org/) from scratch (github master)
- Container base is `debian:stretch`
- Build stages to separate install dependencies
- Enables `python 3` helper script `suricata-update` inside the container
### Usage
You can mount a directory to `/etc/suricata` with a custom `suricata.yaml` in it to override what is baked into the container image.
### Build

    $ docker build . -t fixel/suricata

### Run
You can find a container image on Docker Hub: [fixel/suricata](https://cloud.docker.com/repository/docker/fixel/suricata)

The container expects arguments; everything you pass is handed to the `suricata` command. To listen on the interface `enp0s31f6`, run:

    $ docker run --net=host --name=suricata -ti fixel/suricata -i enp0s31f6

The logs are stored in `/var/log/suricata`, which is declared as a Docker volume. You can extract them by the usual means of container management.