Suricata as a centralized NIDS

How to deploy Suricata as a centralized Network Intrusion Detection System (NIDS) and send traffic from all other network devices to this central server for monitoring

  • Suricata version: 7.5
  • Operating system and/or Linux distribution : ubuntu 22.4

Please provide more details about your environment and scenario. For traffic forwarding to an IDS you can use different options like Mirror ports, SPAN ports, TAP devices, Packetbroker etc.