SensorFleet IDS Rule Manager Instrument
Provides management web ui for Zeek and Suricata instruments.
In Rule Manager Suricata and Zeek entries can be created and edited, also external lists can be used together with locally created.
Rule manager delivers entries to Zeek and Suricata instruments.
Features
- History log of user interactions with entries
- Validation for locally created entries
Suricata
-
Rule list management
- Local rule lists
- External rule lists
- Rule revisions
- Rule commenting
- Event filter management
- Rule search
Zeek
- Scripts management
- Blacklists management
Properties
| Developer | SensorFleet Oy |
| Categories | Attack Detection, Traffic Analysis, IDS |
| Network access type | None |
| Required interfaces | None |
| Dependencies | Suricata IDS |
| Related Instruments | Zeek |
| Data retention | Rule manager stores edit history of Suricata rules and history of user actions (edit, delete creation) |
| Management UI | Yes |