Suricata DSM specifications

When you configure the Suricata device, understanding the specifications for the Suricata DSM can help ensure a successful integration. For example, knowing what the supported version of Suricata is before you begin can help reduce frustration during the configuration process.

The following table describes the specifications for the Suricata DSM.

Table 1. Suricata DSM specifications
| Specification | Value |
| --- | --- |
| Manufacturer | Open Information Security Foundation |
| DSM name | Suricata |
| RPM file name | DSM-Suricata-QRadar_version-build_number.noarch.rpm |
| Supported version | 6.0.3 and earlier |
| Protocol | Syslog, TLS Syslog |
| Event format | JSON |
| Recorded event types | Alerts |
| Automatically discovered? | Yes |
| Includes identity? | No |
| Includes custom properties? | No |
| More information | https://suricata.io/ |