I am new to Suricata and just got everything installed (I installed the default rules). Is there a standard way to test the installed rules? Are there any EVE files that someone recommends I use?
Thank you!
Hello there,
You could check if your fast.log shows any alerts, if your main goal is to see if Suricata is working, I’d say.
If you haven’t changed the default configuration, I imagine that the eve.json file would also show alert event types to help you see how things are going.
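An added example, not part of the original thread: a small Python script that reads eve.json line by line and counts events per `event_type` and alerts per signature, which separates "Suricata is logging but no rule has matched" from "nothing is being logged at all". The sample records, signature IDs and messages are constructed for illustration; the path to the real eve.json is passed as the first argument.

```python
import json
import sys
from collections import Counter

# Constructed sample EVE records (not captured from a real sensor). The
# signature IDs and messages are made-up local rules, not from a real ruleset.
SAMPLE_EVE = [
    '{"timestamp":"2024-01-01T10:00:00.000000+0000","event_type":"flow",'
    '"src_ip":"192.0.2.10","dest_ip":"198.51.100.5","proto":"TCP"}',
    '{"timestamp":"2024-01-01T10:00:01.000000+0000","event_type":"alert",'
    '"src_ip":"198.51.100.5","dest_ip":"192.0.2.10",'
    '"alert":{"signature_id":1000001,"signature":"EXAMPLE test rule A","severity":2}}',
    '{"timestamp":"2024-01-01T10:00:02.000000+0000","event_type":"alert",'
    '"src_ip":"198.51.100.5","dest_ip":"192.0.2.10",'
    '"alert":{"signature_id":1000001,"signature":"EXAMPLE test rule A","severity":2}}',
    '{"timestamp":"2024-01-01T10:00:03.000000+0000","event_type":"alert",'
    '"src_ip":"192.0.2.10","dest_ip":"203.0.113.7",'
    '"alert":{"signature_id":1000002,"signature":"EXAMPLE test rule B","severity":3}}',
    '{"timestamp":"2024-01-01T10:00:04.0000',  # truncated: still being written
]

def summarize_eve(lines):
    """Return (events per event_type, alerts per (sid, signature), unparsable lines)."""
    event_types, alerts, skipped = Counter(), Counter(), 0
    for line in lines:
        if not line.strip():
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1  # partial last line or log corruption
            continue
        if not isinstance(event, dict):
            skipped += 1
            continue
        etype = event.get("event_type", "unknown")
        event_types[etype] += 1
        if etype == "alert":
            alert = event.get("alert") or {}
            alerts[(alert.get("signature_id"), alert.get("signature"))] += 1
    return event_types, alerts, skipped

if __name__ == "__main__":
    # Pass the path to eve.json as the first argument; without one, use the sample.
    source = open(sys.argv[1], encoding="utf-8") if len(sys.argv) > 1 else SAMPLE_EVE
    event_types, alerts, skipped = summarize_eve(source)
    print("events by type:", dict(event_types), "| unparsable lines:", skipped)
    for (sid, msg), count in alerts.most_common():
        print(f"{count:6d}  sid={sid}  {msg}")
    if not alerts:
        print("no alert events: engine may be logging but no rule has matched")
```

A non-zero count for other event types with zero alerts means the engine is running and logging but no rule has fired on the observed traffic.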