During the previous steps we achieved the following:

  • Deployed Suricata and a Logshipper (filebeat) into a new Cluster.

  • Started the Cluster services and made sure everything is running without issue.

  • Learned how to import Suricata IDS Rules into IDSTower (and eventually to Suricata).

  • Learned how to import Indicators of Compromise (IOCs) into IDSTower (and eventually to Suricata).

Learn more about Cluster Management features that IDSTower offers by reading the cluster Management guide, moreover, take a look on the Advanced IDS Rules life-cycle-management features that IDSTower has.