The OISF development team is proud to announce Suricata 2.1beta1. This is the first beta release for the upcoming 2.1 version. It should be considered a development snapshot for the 2.1 branch.
Get the new release here: http://www.openinfosecfoundation.org/download/suricata-2.1beta1.tar.gz
- Feature #1248: flow/connection logging
- Feature #1155 & #1208: Log packet payloads in eve alerts
- Optimization #1039: Packetpool should be a stack
- Optimization #1241: pcap recording: record per thread
- Feature #1258: json: include HTTP info with Alert output
- AC matcher start up optimizations
- BM matcher runtime optimizations by Ken Steele
- ‘pcapinfo’ output was removed. Suriwire now works with the JSON ‘eve’ output
We’d like to thank the following people and corporations for their contributions and feedback:
- Ken Steele — Tilera
- Matt Carothers
- Alexander Gozman
- Giuseppe Longo
- Duarte Silva
Known issues & missing features
In a beta release like this things may not be as polished yet. So please handle with care. That said, if you encounter issues, please let us know! As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on. See issues for an up to date list and to report new issues. See Known_issues for a discussion and time line for the major issues.
Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.