Guide: Suricata RPMs for CentOS and Fedora

Introduction

The OISF maintains Suricata RPMs for the following Linux distributions:

  • CentOS 8
  • CentOS 7
  • And the active Fedora versions.

Note: At this time RPMs are only built for x86_64. We may expand this in the future.

RPMs are provided for all supported versions of Suricata allowing you to stick to a particular release branch until you are ready to upgrade. This is done by providing an RPM repository per version. At this time the following versioned repositories exist:

  • suricata-6.0
  • suricata-5.0
  • suricata-4.1

Installation

CentOS 7 and 8

The following is an example of installing Suricata 6.0 on CentOS. If you wish to install 5.0 or 4.1 instead, change the version in @oisf/suricata-6.0.

yum install epel-release yum-plugin-copr
yum copr enable @oisf/suricata-6.0
yum install suricata

Fedora (and CentOS 8)

The following is an example of installing Suricata 6.0 on Fedora. If you wish to install 5.0 or 4.1 instead, change the version in @oisf/suricata-6.0.

dnf install dnf-plugins-core
dnf copr enable @oisf/suricata-6.0
dnf install suricata

Upgrading

To upgrade from one major version to another on your schedule, the active RPM repository should be disabled and the repository for the newer version enabled. For example, to upgrade from 5.0 to 6.0 on CentOS:

yum copr disable @oisf/suricata-5.0
yum copr enable @oisf/suricata-6.0
yum update suricata

Note: This will not migrate your configuration files from one version to another. That is a task still left up to the user.

Configuration and Running

To configure and run Suricata from the RPM, please see the guide on getting started with RPMs: Guide: Getting Started on CentOS 8 and CentOS 7

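Added example (not part of the guide above and not OISF code): a helper for the upgrade steps that, because configuration files are not migrated, archives the configuration directory before switching repositories and ends with a configuration test. The function names, the /etc/suricata location and the /root backup location are assumptions; by default it only prints the plan.

```shell
#!/usr/bin/env bash
# Added example, not OISF code. Prints the upgrade plan; set APPLY=1 to run it as root.
# Assumptions: configuration lives in /etc/suricata, backups go to /root.

SUPPORTED="4.1 5.0 6.0"                 # versioned repositories listed in the guide
CONF_DIR="${CONF_DIR:-/etc/suricata}"   # assumed configuration directory
BACKUP_DIR="${BACKUP_DIR:-/root}"       # assumed backup location

# True if $1 is one of the versioned repositories.
is_supported() { case " $SUPPORTED " in *" $1 "*) return 0 ;; *) return 1 ;; esac; }

# True if version $1 is strictly newer than version $2 (needs GNU sort -V).
newer_than() {
  [ "$1" != "$2" ] && [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n1)" = "$1" ]
}

# plan_upgrade FROM TO [yum|dnf]: print the commands, one per line.
plan_upgrade() {
  from=$1 to=$2 pm=${3:-yum}
  is_supported "$from" && is_supported "$to" || { echo "unsupported branch" >&2; return 2; }
  newer_than "$to" "$from" || { echo "target must be newer than source" >&2; return 3; }
  cat <<EOF
tar -czf $BACKUP_DIR/suricata-$from-etc.tar.gz -C $(dirname "$CONF_DIR") $(basename "$CONF_DIR")
$pm copr disable @oisf/suricata-$from
$pm copr enable @oisf/suricata-$to
$pm update suricata
suricata -T -c $CONF_DIR/suricata.yaml
EOF
}

# run_upgrade FROM TO [yum|dnf]: print the plan, or execute it when APPLY=1.
run_upgrade() {
  plan=$(plan_upgrade "$@") || return
  if [ "${APPLY:-0}" = 1 ]; then
    # Stop at the first failing step so a broken repo switch is not followed by an update.
    printf '%s\n' "$plan" | while IFS= read -r cmd; do
      echo "+ $cmd"
      sh -c "$cmd" || exit 1
    done
  else
    printf '%s\n' "$plan"
  fi
}

# Usage: run_upgrade 5.0 6.0          (dry run)
#        APPLY=1 run_upgrade 5.0 6.0  (execute as root)
```

The last step, suricata -T, loads the old configuration with the new binary and reports options it no longer accepts; the archive gives you a known-good copy to compare against while migrating by hand.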

Hey, thanks for this article. I was looking for something hosting RPMs for Suricata 6 on CentOS 7. When I add the repo on CentOS 7 with yum copr enable @oisf/suricata I get a 404 Not Found for “https://download.copr.fedorainfracloud.org/results/%40oisf/suricata-6.0/epel-7-x86_64/repodata/repomd.xml: [Errno 14] HTTPS Error 404 - Not Found”

I think the data is there when navigating to https://copr-be.cloud.fedoraproject.org/results/%40oisf/suricata-6.0/epel-7-aarch64/ but just wanted to let you know in the event other people are adding this repo but receiving a 404 also.

Cheers,
Nathan

Sorry about that. Should be fixed now. Thanks for posting.

It should work with just running yum install suricata now.

Whoa, this is awesome. No need to be sorry, I just wanted to report it so I can use it.

You have no idea how much effort you just saved me :) Initially today I was writing up my own suricata.spec, about to build my own, and then I found this. Thanks a lot!

Nathan