This is a module for the Suricata IDS/IPS/NSM log. It parses logs that are in the Suricata Eve JSON format.
This module requires the {plugins}/ingest-geoip.html[ingest-geoip] and {plugins}/ingest-user-agent.html[ingest-user-agent] Elasticsearch plugins.
This module has been developed against Suricata v4.0.4, but is expected to work with other versions of Suricata.
This module comes with a sample dashboard. For example:
TODO: provide an example configuration
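
The following is an added example, not taken from the module's own documentation: it pairs Suricata's Eve JSON output with this module's Filebeat configuration so both sides point at the same file. The log path and the selected event types are assumptions; adjust them to your installation.

```yaml
# suricata.yaml (Suricata side): emit events as Eve JSON
outputs:
  - eve-log:
      enabled: yes
      filetype: regular
      filename: eve.json          # written under Suricata's default-log-dir
      types:                      # assumed selection of event types
        - alert
        - http
        - dns
        - tls
        - flow

---
# modules.d/suricata.yml (Filebeat side): read the file Suricata writes
- module: suricata
  eve:
    enabled: true
    # Assumed path; it must match default-log-dir + filename above.
    var.paths: ["/var/log/suricata/eve.json"]
```

If `var.paths` is omitted, Filebeat picks a default path based on the operating system, so set it explicitly whenever Suricata logs to a non-default directory.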