Guide: Suricata RPMs for RedHat Enterprise Linux and rebuilds


The OISF maintains Suricata RPMs for the following Linux distributions:

  • RHEL 9
  • RHEL 8
  • RHEL 7
  • And the active Fedora versions.

Note: At this time RPMs are only built for x86_64. We may expand this in the future.

RPMs are provided for all supported versions of Suricata allowing you to stick to a particular release branch until you are ready to upgrade. This is done by providing an RPM repository per version. At this time the following versioned repositories exist:

  • suricata-7.0
  • suricata-6.0


The following is an example of installing Suricata 7.0 on CentOS. If you wish to install 6.0 instead, change the version in @oisf/suricata-7.0.

yum install epel-release yum-plugin-copr
yum copr enable @oisf/suricata-7.0
yum install suricata


To upgrade from one major version to another on your schedule, the active RPM repository should be disabled and the newer version be enabled. For example, to upgrade from 6.0 to 7.0 on CentOS:

yum copr disable @oisf/suricata-5.0
yum copr enable @oisf/suricata-6.0
yum update suricata

| Note: This will not migrate your configuration files from one version to another. That is a task still left up to the user.

Configuration and Running

To configure and run Suricata from the RPM please see the guide on getting started with RPMS: Guide: Getting Started on RHEL, CentOS and rebuild Linux Distributions



Hey thanks for this article i was looking for something hosting RPM’s for Suricata 6 on Centos 7. When i add the repo on centos 7 with yum copr enable @oisf/suricata i get a 404 Not found for “ [Errno 14] HTTPS Error 404 - Not Found”

I think the data is there when navigating to but just wanted to let you know in the event other people are adding this repo but recieving a 404 also.


Sorry about that. Should be fixed now. Thanks for posting.

It should work with just running yum install suricata now.

Whoa this is awesome. No need to be sorry just wanted to report it so i can use it.

You have no idea how much effort you just saved me :slight_smile: Initially today i was writing up my own suricata.spec about to build my own and then i found this. thanks a lot!


For CentOS8, I had to install epel-release to satisfy the following requirements:

 Problem: conflicting requests
  - nothing provides needed by suricata-1:5.0.5-1.el8.x86_64
  - nothing provides needed by suricata-1:5.0.5-1.el8.x86_64
  - nothing provides needed by suricata-1:5.0.5-1.el8.x86_64

This is already covered in the “CentOS 7 and 8” section. I’m going to remove the “and CentOS 8” from the Fedora section as that is Fedora only as it doesn’t cover epel-release. Thanks.