How to Install Suricata on an AWS Instance of Ubuntu Linux

Updated on 11/28/17

Problem scenario
You want to install Suricata on Ubuntu Linux.  How do you do this?

Solution
These directions to install Suricata include a script and how to run it.  The optional script in 2.c was based on these here.  The optional script in 2.c requires that your AWS Ubuntu Linux server is in a security group that has access to the Internet.  The optional script takes approximately five minutes to run, but bandwidth and resources on your instance may vary.  It is advisable to use step 2.a and skip steps 2.b, 2.c, and 3.

Step #1  Log in.
Step #2.a  Run this command: sudo apt-get -y update; sudo apt-get -y install suricata
Now go to step #4.  If for some reason you do not want to install it from the AWS .deb packages, skip step #2.a and go to step #2.b.
Step #2.b  If you did not do step #2.a, run this command:  vi /tmp/installer.sh
Step #2.c  If you did not do step #2.a, do this step.  Copy the content below into /tmp/installer.sh.  The script starts with the "#!/bin/bash" line.  The final line of the script is "ldconfig".

#!/bin/bash
# Refresh the package lists first so the installs below do not use stale lists.
apt-get update

# Build dependencies. Each package is installed on its own, as in the original
# list, so one unavailable package does not block the others.
for pkg in libpcre3 libpcre3-dbg libpcre3-dev build-essential autoconf \
           automake libtool libpcap-dev libnet1-dev libyaml-0-2 libyaml-dev \
           zlib1g zlib1g-dev libcap-ng-dev libcap-ng0 make libmagic-dev
do
    apt-get install -y "$pkg"
done

# From here on, stop at the first failed step so that a failed download or
# build is not followed by an install.
set -e

# Working directory for the downloads and builds.
cd /bin
mkdir -p suricata
cd suricata

# Build and install pkg-config 0.28.
wget http://pkgconfig.freedesktop.org/releases/pkg-config-0.28.tar.gz
tar -xvzf pkg-config-0.28.tar.gz
cd pkg-config-0.28
# Use the internal glib so as not to downgrade glib (ldd --version shows 2.19).
./configure --with-internal-glib
make
make install

# Build and install Suricata 1.4.6.
cd /bin/suricata
wget http://www.openinfosecfoundation.org/download/suricata-1.4.6.tar.gz
tar -xvzf suricata-1.4.6.tar.gz
cd suricata-1.4.6
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
make install-full

ldconfig

Step #3  Run the script with this command: sudo bash /tmp/installer.sh

Step #4  Run this command to confirm Suricata is installed:  suricata -V
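
The optional script in step 2.c downloads both tarballs over plain HTTP and builds them as root, so it helps to check each file against a known SHA-256 before unpacking it. The following is an added example, not part of the original installer.sh; the function names verify_sha256 and unpack_verified are hypothetical, and the digest values are placeholders to be filled in from a source you trust.

```bash
#!/bin/bash
# Added example (not part of the original installer.sh).
# Check a downloaded tarball against a pinned SHA-256 before it is unpacked.

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 if EXPECTED_HEX is not a 64-digit hex
# string (for example an unfilled placeholder), 3 if FILE is missing.
verify_sha256() {
    local file="$1" expected="$2" actual
    if ! printf '%s' "$expected" | grep -Eq '^[0-9A-Fa-f]{64}$'; then
        echo "refusing $file: no valid pinned SHA-256" >&2
        return 2
    fi
    if [ ! -f "$file" ]; then
        echo "missing file: $file" >&2
        return 3
    fi
    # Read via stdin so the file name never affects the output format.
    actual=$(sha256sum < "$file" | awk '{print $1}')
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    if [ "$actual" != "$expected" ]; then
        echo "SHA-256 mismatch for $file (got $actual)" >&2
        return 1
    fi
    return 0
}

# unpack_verified FILE EXPECTED_HEX
# Unpacks FILE into the current directory only after the digest check passes.
unpack_verified() {
    verify_sha256 "$1" "$2" || return $?
    tar -xzf "$1"
}

# Usage inside installer.sh, in place of each bare "tar -xvzf" line.
# Assumption: the digests are obtained separately from the HTTP download.
#   PKGCONFIG_SHA256='<sha256 of pkg-config-0.28.tar.gz>'   # placeholder
#   SURICATA_SHA256='<sha256 of suricata-1.4.6.tar.gz>'     # placeholder
#   unpack_verified pkg-config-0.28.tar.gz "$PKGCONFIG_SHA256" || exit 1
#   unpack_verified suricata-1.4.6.tar.gz  "$SURICATA_SHA256"  || exit 1
```

With the placeholders left unfilled, unpack_verified returns 2 and nothing is unpacked or built.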
