{"id":2639,"date":"2025-06-03T08:27:36","date_gmt":"2025-06-03T05:27:36","guid":{"rendered":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\/"},"modified":"2025-06-03T08:27:36","modified_gmt":"2025-06-03T05:27:36","slug":"comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server","status":"publish","type":"post","link":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\/","title":{"rendered":"Comprehensive Guide to Setting Up Suricata IDS\/IPS on Your Linux Server"},"content":{"rendered":"<p>Welcome to our in-depth guide on setting up Suricata, a powerful open-source Intrusion Detection System (IDS) and Intrusion Prevention System (IPS), on your Linux server. Suricata not only monitors your network traffic for suspicious activity but can also actively block unwanted traffic, making it an invaluable tool for enhancing your security posture.<\/p>\n<h2>What is Suricata?<\/h2>\n<p>Suricata is an open-source network threat detection engine that provides intrusion detection, intrusion prevention, and security monitoring functionalities. 
It examines network traffic and generates alerts when it detects potentially harmful behavior, based on pre-defined rules.<\/p>\n<h3>Key Features<\/h3>\n<ul>\n<li><strong>Multi-threading<\/strong>: Suricata can utilize multiple processor cores, allowing it to analyze traffic efficiently.<\/li>\n<li><strong>Protocol Identification<\/strong>: It can identify the protocols running on the network and analyze each one accordingly.<\/li>\n<li><strong>File Extraction<\/strong>: Suricata can extract files from network traffic for further inspection.<\/li>\n<li><strong>Integrated with Elastic Stack<\/strong>: Suricata can send data to Elasticsearch for real-time analysis and visualization.<\/li>\n<\/ul>\n<h2>Prerequisites<\/h2>\n<p>Before you proceed with the installation, ensure that your server meets the following prerequisites:<\/p>\n<ul>\n<li>A Linux server (Ubuntu, CentOS, or Debian recommended)<\/li>\n<li>Root or sudo access<\/li>\n<li>Basic understanding of the Linux command line<\/li>\n<li>Internet connection<\/li>\n<\/ul>\n<h2>Installation Steps<\/h2>\n<h3>Step 1: Update Your System<\/h3>\n<p>Before installing any new software, it&#8217;s crucial to update your package lists and upgrade existing packages.<\/p>\n<pre><code class=\"language-bash\">sudo apt update &amp;&amp; sudo apt upgrade -y    # For Ubuntu\/Debian\n\nsudo yum update -y                        # For CentOS\/RHEL<\/code><\/pre>\n<h3>Step 2: Install Dependencies<\/h3>\n<p>Suricata requires several dependencies to function correctly. 
Install them using the following commands:<\/p>\n<pre><code class=\"language-bash\"># For Ubuntu\/Debian\nsudo apt install -y build-essential pkg-config libpcap-dev libnet1-dev \\\nlibyaml-dev libirqbalance-dev libjansson-dev libmagic-dev \\\npython3-pip\n\n# For CentOS\/RHEL\nsudo yum install -y epel-release\nsudo yum install -y gcc openssl-devel libpcap-devel \\\nlibnet-devel libyaml-devel libjansson-devel file-devel<\/code><\/pre>\n<h3>Step 3: Download and Install Suricata<\/h3>\n<p>Download the latest Suricata version from the official website or GitHub repository.<\/p>\n<pre><code class=\"language-bash\"># Download the source tarball\nwget https:\/\/www.openinfosecfoundation.org\/download\/suricata-&lt;version&gt;.tar.gz\n\n# Unpack it and enter the source tree\ntar -zxvf suricata-&lt;version&gt;.tar.gz\ncd suricata-&lt;version&gt;\n\n# Configure, build and install; install-conf also installs the default configuration files\n.\/configure --prefix=\/usr --sysconfdir=\/etc --localstatedir=\/var\nmake\nsudo make install\nsudo make install-conf<\/code><\/pre>\n<p>Replace <code>&lt;version&gt;<\/code> with the version number you are downloading.<\/p>\n<h3>Step 4: Configure Suricata<\/h3>\n<p>After installation, you will need to configure Suricata. The main configuration file can typically be found in <code>\/etc\/suricata\/suricata.yaml<\/code>.<\/p>\n<p>Edit the configuration file to fit your network environment. 
At a minimum, specify the network interfaces that Suricata will monitor.<\/p>\n<pre><code class=\"language-bash\">sudo nano \/etc\/suricata\/suricata.yaml<\/code><\/pre>\n<p>Find the <code>af-packet<\/code> section:<\/p>\n<pre><code class=\"language-yaml\">af-packet:\n  - interface: &lt;your-network-interface&gt;<\/code><\/pre>\n<p>Replace <code>&lt;your-network-interface&gt;<\/code> with the appropriate network interface name (you can check this using <code>ip a<\/code>).<\/p>\n<h3>Step 5: Download and Configure Rules<\/h3>\n<p>Suricata relies on a set of rules to detect threats. You can use the Emerging Threats (ET) community rules or create custom rules.<\/p>\n<p>To download ET community rules:<\/p>\n<pre><code class=\"language-bash\">sudo suricata-update<\/code><\/pre>\n<h3>Step 6: Start Suricata<\/h3>\n<p>You can start Suricata in IDS mode for initial testing:<\/p>\n<pre><code class=\"language-bash\"># --af-packet captures on the interface set in the af-packet section of suricata.yaml\nsudo suricata -c \/etc\/suricata\/suricata.yaml --af-packet -v<\/code><\/pre>\n<p>If you wish to run in IPS mode, you might need to configure additional settings, including packet forwarding.<\/p>\n<h3>Step 7: Check Logs and Alerts<\/h3>\n<p>Suricata writes its logs to <code>\/var\/log\/suricata\/<\/code>. 
You can check the logs and alerts using:<\/p>\n<pre><code class=\"language-bash\">tail -f \/var\/log\/suricata\/suricata.log\ntail -f \/var\/log\/suricata\/eve.json<\/code><\/pre>\n<p>The <code>eve.json<\/code> file will contain alerts in a structured format that can be easily parsed.<\/p>\n<h3>Step 8: Enable Persistent Suricata Service<\/h3>\n<p>To start Suricata at boot, enable and start the service:<\/p>\n<pre><code class=\"language-bash\">sudo systemctl enable suricata\nsudo systemctl start suricata<\/code><\/pre>\n<h3>Step 9: Real-Time Monitoring with Elastic Stack (Optional)<\/h3>\n<p>For advanced monitoring and analysis, consider integrating Suricata with the Elastic Stack (Elasticsearch, Logstash, and Kibana). This will allow you to visualize alerts and analyze network activities in real time.<\/p>\n<h3>Additional Considerations<\/h3>\n<ul>\n<li><strong>Regular Updates<\/strong>: Ensure that both Suricata and your rule sets are regularly updated to keep your system secured against new vulnerabilities.<\/li>\n<li><strong>Test Rules<\/strong>: Regularly test your ruleset against known vulnerabilities to ensure proper detection.<\/li>\n<li><strong>Performance Tuning<\/strong>: Depending on your server and network traffic, consider performance tuning options in Suricata.<\/li>\n<\/ul>\n<h2>Conclusion<\/h2>\n<p>Suricata is a robust tool for network security, capable of both monitoring and preventing intrusions. By following the steps outlined in this guide, you should now have a fully operational Suricata IDS\/IPS on your Linux server. Always remember that security is an ongoing process, and keeping your systems updated and monitored is crucial to maintaining a secure environment.<\/p>\n<p>Feel free to reach out to us with your questions or feedback in the comments below! 
Happy securing!<\/p>\n\n","protected":false},"excerpt":{"rendered":"<p>Welcome to our in-depth guide on setting up Suricata, a powerful open-source Intrusion Detection System (IDS) and Intrusion Prevention System (IPS), on your Linux server. Suricata not only monitors your network traffic for suspicious activity but also can actively block unwanted traffic, making it an invaluable tool for enhancing your security posture. What is Suricata? [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":2640,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[22],"tags":[218,233,1473,265,266,371,1472],"class_list":["post-2639","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux-security","tag-comprehensive","tag-guide","tag-idsips","tag-linux","tag-server","tag-setting","tag-suricata","et-has-post-format-content","et_post_format-et-post-format-standard"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.5 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Comprehensive Guide to Setting Up Suricata IDS\/IPS on Your Linux Server - WafaTech Blogs<\/title>\n<meta name=\"description\" content=\"Comprehensive Guide to Setting Up Suricata IDS\/IPS on Your Linux Server %\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Comprehensive Guide to Setting 
Up Suricata IDS\/IPS on Your Linux Server\" \/>\n<meta property=\"og:description\" content=\"Comprehensive Guide to Setting Up Suricata IDS\/IPS on Your Linux Server %\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\/\" \/>\n<meta property=\"og:site_name\" content=\"WafaTech Blogs\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/WafaTech\/61560546351289\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-06-03T05:27:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2024\/06\/logo_big.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"2221\" \/>\n\t<meta property=\"og:image:height\" content=\"482\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"WafaTech SA\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@wafatech_sa\" \/>\n<meta name=\"twitter:site\" content=\"@wafatech_sa\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"WafaTech SA\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/\"},\"author\":{\"name\":\"WafaTech SA\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/person\\\/1a5761fc0feb63ab59d295d7c2648f06\"},\"headline\":\"Comprehensive Guide to Setting Up Suricata IDS\\\/IPS on Your Linux Server\",\"datePublished\":\"2025-06-03T05:27:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/\"},\"wordCount\":719,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/Comprehensive-Guide-to-Setting-Up-Suricata-IDSIPS-on-Your-Linux.png\",\"keywords\":[\"Comprehensive\",\"Guide\",\"IDSIPS\",\"Linux\",\"Server\",\"Setting\",\"Suricata\"],\"articleSection\":[\"Linux 
Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/\",\"name\":\"Comprehensive Guide to Setting Up Suricata IDS\\\/IPS on Your Linux Server - WafaTech Blogs\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/Comprehensive-Guide-to-Setting-Up-Suricata-IDSIPS-on-Your-Linux.png\",\"datePublished\":\"2025-06-03T05:27:36+00:00\",\"description\":\"Comprehensive Guide to Setting Up Suricata IDS\\\/IPS on Your Linux Server 
%\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/#primaryimage\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/Comprehensive-Guide-to-Setting-Up-Suricata-IDSIPS-on-Your-Linux.png\",\"contentUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/Comprehensive-Guide-to-Setting-Up-Suricata-IDSIPS-on-Your-Linux.png\",\"width\":1024,\"height\":1024,\"caption\":\"linux server setting up Suricata IDS\\\/IPS\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/comprehensive-guide-to-setting-up-suricata-ids-ips-on-your-linux-server\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Comprehensive Guide to Setting Up Suricata IDS\\\/IPS on Your Linux Server\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/\",\"name\":\"WafaTech Blogs\",\"description\":\"Smart 
Technologies\",\"publisher\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#organization\"},\"alternateName\":\"WafaTech\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#organization\",\"name\":\"WafaTech Blogs\",\"alternateName\":\"WafaTech\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/logo_big.webp\",\"contentUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/logo_big.webp\",\"width\":2221,\"height\":482,\"caption\":\"WafaTech Blogs\"},\"image\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/WafaTech\\\/61560546351289\\\/\",\"https:\\\/\\\/x.com\\\/wafatech_sa\",\"https:\\\/\\\/www.youtube.com\\\/@wafatech-sa\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/wafatech\\\/\"],\"description\":\"WafaTech, a leading Saudi IT services provider, specializes in cloud solutions, connectivity, and ICT services. Offering secure cloud infrastructure, high-speed internet, and ICT solutions like hosting, backup, and disaster recovery, WafaTech operates a Tier 3 data center at KAUST with ISO certifications. 
Regulated by CST, the company is committed to innovation, security, and customer satisfaction, empowering businesses in the digital age.\",\"email\":\"sales@wafatech.sa\",\"legalName\":\"Al-Wafa Al-Dhakia For Information Technology LLC\",\"foundingDate\":\"2013-01-08\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"11\",\"maxValue\":\"50\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/person\\\/1a5761fc0feb63ab59d295d7c2648f06\",\"name\":\"WafaTech SA\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g\",\"caption\":\"WafaTech SA\"},\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/author\\\/omer-yaseen\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. 
-->","jetpack_featured_media_url":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2025\/06\/Comprehensive-Guide-to-Setting-Up-Suricata-IDSIPS-on-Your-Linux.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/posts\/2639","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/comments?post=2639"}],"version-history":[{"count":0,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/posts\/2639\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/media\/2640"}],"wp:attachment":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/media?parent=2639"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/categories?post=2639"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/tags?post=2639"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}