services.suricata.settings

Suricata settings

Type

open submodule of (YAML 1.1 value)

Example

vars.address-groups.HOME_NET = "192.168.178.0/24";
outputs = [
  {
    fast = {
      enabled = true;
      filename = "fast.log";
      append = "yes";
    };
  }
  {
    eve-log = {
      enabled = true;
      filetype = "regular";
      filename = "eve.json";
      community-id = true;
      types = [
        {
          alert.tagged-packets = "yes";
        }
      ];
    };
  }
];
af-packet = [
  {
    interface = "eth0";
    cluster-id = "99";
    cluster-type = "cluster_flow";
    defrag = "yes";
  }
  {
    interface = "default";
  }
];
af-xdp = [
  {
    interface = "eth1";
  }
];
dpdk.interfaces = [
  {
    interface = "eth2";
  }
];
pcap = [
  {
    interface = "eth3";
  }
];
app-layer.protocols = {
  telnet.enabled = "yes";
  dnp3.enabled = "yes";
  modbus.enabled = "yes";
};

Declared

<nixpkgs/nixos/modules/services/networking/suricata/default.nix>