Integration of External Suricata Instance with Security Onion

Dear Community,

I’m a newcomer to Security Onion, and in our company, we already have a configured Suricata instance. I’m exploring the possibility of integrating our existing Suricata setup with Security Onion for enhanced network security monitoring. Are there recommended practices or step-by-step guides available for incorporating an external Suricata instance into Security Onion? Any insights or guidance would be highly appreciated.

Thank you!


I think that this question may be better suited to the Security Onion forum.