- Suricata version - 7.0
- Operating system and/or Linux distribution - Ubuntu Server
- How you installed Suricata - source

Hi,
I have installed Suricata on the Ubuntu server and it is up and running fine.
I wanted to know whether, without the second network interface (monitor), Suricata can read logs from a log server and trigger alerts using the pre-defined ruleset.
If yes, will it affect real-time monitoring?
The basic idea is to see if Suricata can work without any monitoring interface by feeding it data/logs from other sources.