{"id":230,"date":"2024-10-20T19:25:59","date_gmt":"2024-10-20T13:55:59","guid":{"rendered":"https:\/\/hackzone.in\/blog\/?p=230"},"modified":"2024-11-16T13:31:27","modified_gmt":"2024-11-16T08:01:27","slug":"suricata-real-time-traffic-analysis","status":"publish","type":"post","link":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/","title":{"rendered":"\ud83d\udee1\ufe0f How to Monitor Suricata IDS Using a GUI: A Complete Step-by-Step Guide for Real-Time Traffic Analysis"},"content":{"rendered":"\n<p>Are you using <strong>Suricata IDS<\/strong> and want to visualize your network alerts in real-time without constantly digging through log files? You\u2019re in the right place! While Suricata is known for its command-line power, integrating it with a <strong>Graphical User Interface (GUI)<\/strong> can provide you with visual dashboards, easy-to-read alerts, and intuitive rule management. \ud83d\ude80<\/p>\n\n\n\n<p>This guide will take you through the process of monitoring Suricata using tools like <strong>Kibana<\/strong>, <strong>EveBox<\/strong>, and <strong>Scirius<\/strong>, making it easier to manage your network security and respond to threats quickly.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%F0%9F%93%8A_Why_Monitor_Suricata_IDS_Using_a_GUI\"><\/span>\ud83d\udcca Why Monitor Suricata IDS Using a GUI?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Suricata is a fantastic IDS, but without proper visualization, you might miss critical events hidden in your logs. 
Here\u2019s why you should use a GUI:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\ud83d\udc41\ufe0f <strong>Visualize Alerts<\/strong>: Easily view network traffic patterns, intrusion attempts, and alert summaries.<\/li>\n\n\n\n<li>\u2699\ufe0f <strong>Simplify Rule Management<\/strong>: Enable, disable, or modify rules without editing files manually.<\/li>\n\n\n\n<li>\u23f1\ufe0f <strong>Real-Time Monitoring<\/strong>: Get real-time updates and alert notifications directly in your dashboard.<\/li>\n\n\n\n<li>\ud83d\udd0d <strong>Filter and Search<\/strong>: Quickly filter out the noise to focus on important events.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%F0%9F%9B%A0%EF%B8%8F_Prerequisites_for_GUI_Monitoring\"><\/span>\ud83d\udee0\ufe0f Prerequisites for GUI Monitoring<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Before you start, make sure you have the following:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Suricata installed<\/strong> on your system (either Windows, Linux, or macOS).<\/li>\n\n\n\n<li><strong>Packet capturing tools<\/strong>: WinPcap or Npcap on Windows, or a similar tool for Linux.<\/li>\n\n\n\n<li>A GUI tool such as <strong>Kibana<\/strong>, <strong>EveBox<\/strong>, or <strong>Scirius<\/strong> for visualization.<\/li>\n\n\n\n<li>Some basic knowledge of working with network logs and alert data. \ud83d\udd27<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E2%9A%99%EF%B8%8F_1_Setting_Up_Kibana_and_Elasticsearch_for_Suricata_Monitoring\"><\/span>\u2699\ufe0f 1. 
Setting Up Kibana and Elasticsearch for Suricata Monitoring<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p><strong>Elastic Stack<\/strong> (Elasticsearch, Logstash, and Kibana) is one of the most powerful ways to monitor and visualize Suricata data. With it, you can create custom dashboards, set alerts, and filter traffic in real-time.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step-by-Step_Guide_to_Kibana_Setup\"><\/span>Step-by-Step Guide to Kibana Setup:<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step_1_Installing_Elasticsearch_%F0%9F%93%A5\"><\/span>Step 1: Installing Elasticsearch \ud83d\udce5<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Download Elasticsearch<\/strong>: Visit the official <a href=\"https:\/\/www.elastic.co\/downloads\/elasticsearch\">Elasticsearch site<\/a> and download the version compatible with your OS.<\/li>\n\n\n\n<li><strong>Install Elasticsearch<\/strong>: Once downloaded, follow the instructions for your system.<\/li>\n\n\n\n<li><strong>Start Elasticsearch<\/strong>:<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-kevinbatdorf-code-block-pro\" data-code-block-pro-font-family=\"Code-Pro-JetBrains-Mono\" style=\"font-size:.875rem;font-family:Code-Pro-JetBrains-Mono,ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace;line-height:1.25rem;--cbp-tab-width:2;tab-size:var(--cbp-tab-width, 2)\"><pre class=\"shiki dark-plus\" style=\"background-color: #1E1E1E\" tabindex=\"0\"><code><span class=\"line\"><span style=\"color: #DCDCAA\">.\/bin\/elasticsearch<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n<p>Elasticsearch will run on <strong><code>http:\/\/localhost:9200<\/code><\/strong> by default.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step_2_Configuring_Logstash_to_Ingest_Suricata_Logs_%F0%9F%93%82\"><\/span>Step 2: Configuring Logstash to Ingest Suricata Logs \ud83d\udcc2<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Download Logstash<\/strong>: Head to the <a href=\"https:\/\/www.elastic.co\/downloads\/logstash\">Logstash download page<\/a> and install it.<\/li>\n\n\n\n<li><strong>Configure Logstash<\/strong>: Create a configuration file <strong><code>logstash-suricata.conf<\/code><\/strong> for Suricata logs:<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-kevinbatdorf-code-block-pro\" data-code-block-pro-font-family=\"Code-Pro-JetBrains-Mono\" style=\"font-size:.875rem;font-family:Code-Pro-JetBrains-Mono,ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace;line-height:1.25rem;--cbp-tab-width:2;tab-size:var(--cbp-tab-width, 2)\"><pre class=\"shiki dark-plus\" style=\"background-color: #1E1E1E\" tabindex=\"0\"><code><span class=\"line\"><span style=\"color: #DCDCAA\">input<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">{<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">  <\/span><span style=\"color: #DCDCAA\">file<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">{<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">    <\/span><span style=\"color: #DCDCAA\">path<\/span><span style=\"color: #D4D4D4\"> =&gt; <\/span><span style=\"color: #CE9178\">&quot;\/path\/to\/suricata\/logs\/eve.json&quot;<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">    <\/span><span style=\"color: #DCDCAA\">start_position<\/span><span style=\"color: #D4D4D4\"> =&gt; <\/span><span style=\"color: #CE9178\">&quot;beginning&quot;<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">    <\/span><span style=\"color: #DCDCAA\">codec<\/span><span style=\"color: #D4D4D4\"> =&gt; <\/span><span style=\"color: #CE9178\">&quot;json&quot;<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">  }<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">}<\/span><\/span>\n<span class=\"line\"><\/span>\n<span class=\"line\"><span 
style=\"color: #DCDCAA\">output<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">{<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">  <\/span><span style=\"color: #DCDCAA\">elasticsearch<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">{<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">    <\/span><span style=\"color: #DCDCAA\">hosts<\/span><span style=\"color: #D4D4D4\"> =&gt; [<\/span><span style=\"color: #CE9178\">&quot;localhost:9200&quot;<\/span><span style=\"color: #D4D4D4\">]<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">    <\/span><span style=\"color: #DCDCAA\">index<\/span><span style=\"color: #D4D4D4\"> =&gt; <\/span><span style=\"color: #CE9178\">&quot;suricata-%{+YYYY.MM.dd}&quot;<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">  }<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">}<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n<p>This will send Suricata\u2019s <code><strong>eve.json<\/strong><\/code> logs into Elasticsearch.<\/p>\n\n\n\n<p>3. 
<strong>Run Logstash<\/strong>:<\/p>\n\n\n\n<div class=\"wp-block-kevinbatdorf-code-block-pro\" data-code-block-pro-font-family=\"Code-Pro-JetBrains-Mono\" style=\"font-size:.875rem;font-family:Code-Pro-JetBrains-Mono,ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace;line-height:1.25rem;--cbp-tab-width:2;tab-size:var(--cbp-tab-width, 2)\"><pre class=\"shiki dark-plus\" style=\"background-color: #1E1E1E\" tabindex=\"0\"><code><span class=\"line\"><span style=\"color: #DCDCAA\">.\/bin\/logstash<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #569CD6\">-f<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">logstash-suricata.conf<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step_3_Installing_and_Configuring_Kibana_%F0%9F%8E%A8\"><\/span>Step 3: Installing and Configuring Kibana \ud83c\udfa8<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Download Kibana<\/strong>: Grab it from the <a href=\"https:\/\/www.elastic.co\/downloads\/kibana\">Kibana download page<\/a>.<\/li>\n\n\n\n<li><strong>Start 
Kibana<\/strong>:<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-kevinbatdorf-code-block-pro\" data-code-block-pro-font-family=\"Code-Pro-JetBrains-Mono\" style=\"font-size:.875rem;font-family:Code-Pro-JetBrains-Mono,ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace;line-height:1.25rem;--cbp-tab-width:2;tab-size:var(--cbp-tab-width, 2)\"><pre class=\"shiki dark-plus\" style=\"background-color: #1E1E1E\" tabindex=\"0\"><code><span class=\"line\"><span style=\"color: #DCDCAA\">.\/bin\/kibana<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n<p>Kibana will be accessible at <code><strong>http:\/\/localhost:5601<\/strong><\/code>.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step_4_Visualizing_Suricata_Data_in_Kibana_%F0%9F%93%8A\"><\/span>Step 4: Visualizing Suricata Data in Kibana \ud83d\udcca<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Create an Index Pattern<\/strong>:\n<ul class=\"wp-block-list\">\n<li>Go to <strong>Management &gt; Stack Management &gt; Index Patterns<\/strong> and create an index pattern for <code><strong>suricata-*<\/strong><\/code> to map Suricata\u2019s data.<\/li>\n\n\n\n<li>Set 
<code><strong>@timestamp<\/strong><\/code>  as the primary time field.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Create Visualizations<\/strong>:\n<ul class=\"wp-block-list\">\n<li>Use Kibana\u2019s <strong>Visualize<\/strong> and <strong>Dashboard<\/strong> options to create custom charts and tables.<\/li>\n\n\n\n<li>Examples of dashboards:\n<ul class=\"wp-block-list\">\n<li><strong>Top Alerts<\/strong>: Show the most triggered alerts.<\/li>\n\n\n\n<li><strong>Traffic by Source\/Destination IP<\/strong>: Visualize network traffic by IP address.<\/li>\n\n\n\n<li><strong>Port Scans<\/strong>: Display data related to port scanning activities.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<p>You now have a powerful visual tool for analyzing Suricata traffic, complete with dashboards and real-time alerts! \ud83c\udf89<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%F0%9F%96%A5%EF%B8%8F_2_Using_EveBox_for_Real-Time_Alert_Monitoring\"><\/span>\ud83d\udda5\ufe0f 2. Using EveBox for Real-Time Alert Monitoring<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>If you\u2019re looking for a simpler, lightweight solution for real-time Suricata alert monitoring, <strong>EveBox<\/strong> is a great choice. 
It provides a web-based front-end for Suricata, making it easy to classify and analyze alerts without installing complex infrastructure like the Elastic Stack.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step-by-Step_Guide_for_Setting_Up_EveBox\"><\/span>Step-by-Step Guide for Setting Up EveBox:<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step_1_Install_EveBox_%F0%9F%96%A5%EF%B8%8F\"><\/span>Step 1: Install EveBox \ud83d\udda5\ufe0f<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Download EveBox<\/strong>: Go to <a href=\"https:\/\/github.com\/jasonish\/evebox\/releases\">EveBox GitHub Releases<\/a> and download the appropriate release.<\/li>\n\n\n\n<li><strong>Run EveBox<\/strong>:<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-kevinbatdorf-code-block-pro\" data-code-block-pro-font-family=\"Code-Pro-JetBrains-Mono\" style=\"font-size:.875rem;font-family:Code-Pro-JetBrains-Mono,ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace;line-height:1.25rem;--cbp-tab-width:2;tab-size:var(--cbp-tab-width, 2)\"><pre class=\"shiki dark-plus\" style=\"background-color: #1E1E1E\" tabindex=\"0\"><code><span class=\"line\"><span style=\"color: #DCDCAA\">evebox<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">server<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #569CD6\">-D<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">.<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #569CD6\">--datastore<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">sqlite<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #569CD6\">--input<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">\/path\/to\/suricata\/logs\/eve.json<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n<p>Here <code>--datastore sqlite<\/code> selects EveBox\u2019s built-in SQLite storage, <code>-D<\/code> sets the directory where that database is kept, and <code>--input<\/code> points at Suricata\u2019s <code>eve.json<\/code>. EveBox will start as a local web server, serving the Suricata alerts from your logs.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step_2_Access_EveBox_in_Your_Browser_%F0%9F%8C%90\"><\/span>Step 2: Access EveBox in Your Browser \ud83c\udf10<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Open a browser and go to <code><strong>http:\/\/localhost:5636<\/strong><\/code>. You\u2019ll now be able to see a clean, easy-to-use interface showing real-time Suricata alerts and events.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step_3_Explore_EveBox_Features_%F0%9F%8E%AF\"><\/span>Step 3: Explore EveBox Features \ud83c\udfaf<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Alerts Dashboard<\/strong>: Easily view all alerts generated by Suricata in real time.<\/li>\n\n\n\n<li><strong>Event Classification<\/strong>: Mark events as escalated, resolved, or in need of further investigation.<\/li>\n\n\n\n<li><strong>Search and Filter<\/strong>: Use built-in search filters to find specific types of alerts or network events quickly.<\/li>\n<\/ul>\n\n\n\n<p>With EveBox, you can have a simple yet powerful interface to monitor Suricata in real time, without the overhead of a full Elastic Stack setup.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" 
id=\"%F0%9F%96%B1%EF%B8%8F_3_Using_Scirius_for_GUI_Rule_Management_and_Monitoring\"><\/span>\ud83d\uddb1\ufe0f 3. Using Scirius for GUI Rule Management and Monitoring<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p><strong>Scirius<\/strong> is a great tool if you\u2019re looking for more comprehensive rule management along with monitoring capabilities. It integrates seamlessly with Suricata, allowing you to manage and deploy rules using a user-friendly interface. \ud83c\udfaf<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step-by-Step_Guide_for_Setting_Up_Scirius\"><\/span>Step-by-Step Guide for Setting Up Scirius:<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step_1_Install_Scirius_%F0%9F%93%A5\"><\/span>Step 1: Install Scirius \ud83d\udce5<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Download Scirius<\/strong>: Visit the <a href=\"https:\/\/github.com\/StamusNetworks\/scirius\">Scirius Community Edition page<\/a> and follow the installation instructions.<\/li>\n\n\n\n<li><strong>Install and Configure<\/strong>: After installation, make sure Scirius is pointing to your Suricata  <code><strong>eve.json<\/strong><\/code>  logs for real-time alert monitoring.<\/li>\n<\/ol>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step_2_Access_Scirius_via_Browser_%F0%9F%8C%90\"><\/span>Step 2: Access Scirius via Browser \ud83c\udf10<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Open a browser and navigate to <code><strong>http:\/\/localhost:5000<\/strong><\/code>. 
This will load the Scirius interface, where you can monitor alerts and manage your Suricata rules.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step_3_Use_Scirius_for_Rule_Management_%F0%9F%93%9D\"><\/span>Step 3: Use Scirius for Rule Management \ud83d\udcdd<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Enable\/Disable Rules<\/strong>: Use the rule manager to easily turn Suricata rules on or off.<\/li>\n\n\n\n<li><strong>Create Custom Rules<\/strong>: You can add new custom rules directly via the GUI.<\/li>\n\n\n\n<li><strong>Monitor Traffic<\/strong>: Scirius also provides basic monitoring capabilities, letting you visualize traffic that matches your rules in real time.<\/li>\n<\/ul>\n\n\n\n<p>Scirius makes it easy to manage complex rule sets and analyze Suricata data without needing to edit rule files manually.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%F0%9F%8E%89_Conclusion_Visualize_and_Manage_Suricata_Like_a_Pro\"><\/span>\ud83c\udf89 Conclusion: Visualize and Manage Suricata Like a Pro!<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Monitoring Suricata IDS through a GUI is a game-changer for network security professionals. By integrating tools like <strong>Kibana<\/strong>, <strong>EveBox<\/strong>, or <strong>Scirius<\/strong>, you can bring real-time insights, simplified rule management, and advanced visualizations into your security operations. Whether you prefer the comprehensive <strong>Elastic Stack<\/strong>, the simplicity of <strong>EveBox<\/strong>, or the rule management power of <strong>Scirius<\/strong>, each tool brings its own strengths to the table. \ud83d\udd25<\/p>\n\n\n\n<p>Start using these tools today to make your Suricata IDS more efficient, powerful, and easier to manage! 
\ud83d\udcbb\u2728<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Are you using Suricata IDS and want to visualize your network alerts in real-time without constantly digging through log files? You\u2019re in the right place! While Suricata is known for its command-line power, integrating it with a Graphical User Interface (GUI) can provide you with visual dashboards, easy-to-read alerts, and intuitive rule management. \ud83d\ude80 This [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":231,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,5,6],"tags":[255,254,256,253],"class_list":["post-230","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-ethical-hacking","category-network-security","tag-evebox-suricata-alerts","tag-kibana-for-suricata","tag-scirius-suricata-monitoring","tag-suricata-real-time-analysis"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>\ud83d\udee1\ufe0f How to Monitor Suricata IDS Using a GUI: A Complete Step-by-Step Guide for Real-Time Traffic Analysis - Hackzone Cyber Security Blog<\/title>\n<meta name=\"description\" content=\"Explore the power of Suricata for real-time traffic analysis! 
Learn step-by-step how to set up and utilize this advanced IDS\/IPS tool to enhance your network security\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udee1\ufe0f How to Monitor Suricata IDS Using a GUI: A Complete Step-by-Step Guide for Real-Time Traffic Analysis - Hackzone Cyber Security Blog\" \/>\n<meta property=\"og:description\" content=\"Explore the power of Suricata for real-time traffic analysis! Learn step-by-step how to set up and utilize this advanced IDS\/IPS tool to enhance your network security\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/\" \/>\n<meta property=\"og:site_name\" content=\"Hackzone Cyber Security Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/hackzone.in\" \/>\n<meta property=\"article:published_time\" content=\"2024-10-20T13:55:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-11-16T08:01:27+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/hackzone.in\/blog\/wp-content\/uploads\/2024\/10\/Suricata-IDS-Using-a-GUI.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Hack Zone\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Hack Zone\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/\"},\"author\":{\"name\":\"Hack Zone\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#\\\/schema\\\/person\\\/21baa23c7ede39c1a491da2e47566bce\"},\"headline\":\"\ud83d\udee1\ufe0f How to Monitor Suricata IDS Using a GUI: A Complete Step-by-Step Guide for Real-Time Traffic Analysis\",\"datePublished\":\"2024-10-20T13:55:59+00:00\",\"dateModified\":\"2024-11-16T08:01:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/\"},\"wordCount\":934,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/Suricata-IDS-Using-a-GUI.webp\",\"keywords\":[\"EveBox Suricata alerts\",\"Kibana for Suricata\",\"Scirius Suricata monitoring\",\"Suricata real-time analysis\"],\"articleSection\":[\"CyberSecurity\",\"Ethical Hacking\",\"Network Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/\",\"url\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/\",\"name\":\"\ud83d\udee1\ufe0f How to Monitor Suricata IDS Using a GUI: A Complete Step-by-Step Guide for Real-Time 
Traffic Analysis - Hackzone Cyber Security Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/Suricata-IDS-Using-a-GUI.webp\",\"datePublished\":\"2024-10-20T13:55:59+00:00\",\"dateModified\":\"2024-11-16T08:01:27+00:00\",\"description\":\"Explore the power of Suricata for real-time traffic analysis! Learn step-by-step how to set up and utilize this advanced IDS\\\/IPS tool to enhance your network security\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/#primaryimage\",\"url\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/Suricata-IDS-Using-a-GUI.webp\",\"contentUrl\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/Suricata-IDS-Using-a-GUI.webp\",\"width\":1024,\"height\":1024,\"caption\":\"Suricata IDS monitoring with GUI tools Kibana, EveBox, and Scirius\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-real-time-traffic-analysis\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udee1\ufe0f How to Monitor Suricata IDS Using a GUI: A Complete Step-by-Step Guide for Real-Time Traffic 
Analysis\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/\",\"name\":\"Hackzone Cyber Security\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#organization\",\"name\":\"Hackzone Cyber Security\",\"url\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/logo-light.png\",\"contentUrl\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/logo-light.png\",\"width\":438,\"height\":142,\"caption\":\"Hackzone Cyber Security\"},\"image\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/hackzone.in\",\"https:\\\/\\\/www.instagram.com\\\/hackzone_in\\\/\",\"https:\\\/\\\/wa.me\\\/918700832498\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#\\\/schema\\\/person\\\/21baa23c7ede39c1a491da2e47566bce\",\"name\":\"Hack 
Zone\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g\",\"caption\":\"Hack Zone\"},\"sameAs\":[\"http:\\\/\\\/hackzone.in\\\/blog\"],\"url\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/author\\\/abdulsamad\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udee1\ufe0f How to Monitor Suricata IDS Using a GUI: A Complete Step-by-Step Guide for Real-Time Traffic Analysis - Hackzone Cyber Security Blog","description":"Explore the power of Suricata for real-time traffic analysis! Learn step-by-step how to set up and utilize this advanced IDS\/IPS tool to enhance your network security","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udee1\ufe0f How to Monitor Suricata IDS Using a GUI: A Complete Step-by-Step Guide for Real-Time Traffic Analysis - Hackzone Cyber Security Blog","og_description":"Explore the power of Suricata for real-time traffic analysis! 
Learn step-by-step how to set up and utilize this advanced IDS\/IPS tool to enhance your network security","og_url":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/","og_site_name":"Hackzone Cyber Security Blog","article_publisher":"https:\/\/www.facebook.com\/hackzone.in","article_published_time":"2024-10-20T13:55:59+00:00","article_modified_time":"2024-11-16T08:01:27+00:00","og_image":[{"width":1024,"height":1024,"url":"http:\/\/hackzone.in\/blog\/wp-content\/uploads\/2024\/10\/Suricata-IDS-Using-a-GUI.webp","type":"image\/webp"}],"author":"Hack Zone","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Hack Zone","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/#article","isPartOf":{"@id":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/"},"author":{"name":"Hack Zone","@id":"https:\/\/hackzone.in\/blog\/#\/schema\/person\/21baa23c7ede39c1a491da2e47566bce"},"headline":"\ud83d\udee1\ufe0f How to Monitor Suricata IDS Using a GUI: A Complete Step-by-Step Guide for Real-Time Traffic Analysis","datePublished":"2024-10-20T13:55:59+00:00","dateModified":"2024-11-16T08:01:27+00:00","mainEntityOfPage":{"@id":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/"},"wordCount":934,"commentCount":0,"publisher":{"@id":"https:\/\/hackzone.in\/blog\/#organization"},"image":{"@id":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/#primaryimage"},"thumbnailUrl":"https:\/\/hackzone.in\/blog\/wp-content\/uploads\/2024\/10\/Suricata-IDS-Using-a-GUI.webp","keywords":["EveBox Suricata alerts","Kibana for Suricata","Scirius Suricata monitoring","Suricata real-time analysis"],"articleSection":["CyberSecurity","Ethical Hacking","Network 
Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/","url":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/","name":"\ud83d\udee1\ufe0f How to Monitor Suricata IDS Using a GUI: A Complete Step-by-Step Guide for Real-Time Traffic Analysis - Hackzone Cyber Security Blog","isPartOf":{"@id":"https:\/\/hackzone.in\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/#primaryimage"},"image":{"@id":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/#primaryimage"},"thumbnailUrl":"https:\/\/hackzone.in\/blog\/wp-content\/uploads\/2024\/10\/Suricata-IDS-Using-a-GUI.webp","datePublished":"2024-10-20T13:55:59+00:00","dateModified":"2024-11-16T08:01:27+00:00","description":"Explore the power of Suricata for real-time traffic analysis! 
Learn step-by-step how to set up and utilize this advanced IDS\/IPS tool to enhance your network security","breadcrumb":{"@id":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/#primaryimage","url":"https:\/\/hackzone.in\/blog\/wp-content\/uploads\/2024\/10\/Suricata-IDS-Using-a-GUI.webp","contentUrl":"https:\/\/hackzone.in\/blog\/wp-content\/uploads\/2024\/10\/Suricata-IDS-Using-a-GUI.webp","width":1024,"height":1024,"caption":"Suricata IDS monitoring with GUI tools Kibana, EveBox, and Scirius"},{"@type":"BreadcrumbList","@id":"https:\/\/hackzone.in\/blog\/suricata-real-time-traffic-analysis\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/hackzone.in\/blog\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udee1\ufe0f How to Monitor Suricata IDS Using a GUI: A Complete Step-by-Step Guide for Real-Time Traffic Analysis"}]},{"@type":"WebSite","@id":"https:\/\/hackzone.in\/blog\/#website","url":"https:\/\/hackzone.in\/blog\/","name":"Hackzone Cyber Security","description":"","publisher":{"@id":"https:\/\/hackzone.in\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/hackzone.in\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/hackzone.in\/blog\/#organization","name":"Hackzone Cyber 
Security","url":"https:\/\/hackzone.in\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hackzone.in\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/hackzone.in\/blog\/wp-content\/uploads\/2023\/02\/logo-light.png","contentUrl":"https:\/\/hackzone.in\/blog\/wp-content\/uploads\/2023\/02\/logo-light.png","width":438,"height":142,"caption":"Hackzone Cyber Security"},"image":{"@id":"https:\/\/hackzone.in\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/hackzone.in","https:\/\/www.instagram.com\/hackzone_in\/","https:\/\/wa.me\/918700832498"]},{"@type":"Person","@id":"https:\/\/hackzone.in\/blog\/#\/schema\/person\/21baa23c7ede39c1a491da2e47566bce","name":"Hack Zone","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g","caption":"Hack 
Zone"},"sameAs":["http:\/\/hackzone.in\/blog"],"url":"https:\/\/hackzone.in\/blog\/author\/abdulsamad\/"}]}},"_links":{"self":[{"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/posts\/230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/comments?post=230"}],"version-history":[{"count":1,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/posts\/230\/revisions"}],"predecessor-version":[{"id":232,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/posts\/230\/revisions\/232"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/media\/231"}],"wp:attachment":[{"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/media?parent=230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/categories?post=230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/tags?post=230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}