October 1, 2024 By Sergey

Suri Oculus: A High-Performance IDS/IPS Log Management System Without Using ELK

Dear Community,

We are pleased to introduce Suri Oculus (https://suri-oculus.com) – a revolutionary IDS/IPS log management and analysis system designed to provide unparalleled security and efficiency.

What Is Suri Oculus?

Suri Oculus is a simple and effective system for viewing and analyzing Suricata IDS logs, as well as managing its rules. Unlike traditional solutions, we do not use the ELK stack (Elasticsearch, Logstash, Kibana). This approach gives us significant advantages in speed and memory savings, which is especially important for small and medium-sized businesses, as well as home networks.

Innovative Technologies for Enhanced Security

Built on the reliable Suricata (https://suricata.io) technology and the Pistache (C++) framework, and using Redis as a database, Suri Oculus redefines the approach to monitoring, analyzing, and responding to network threats. Our high-performance system provides real-time monitoring, analysis, and response to potential threats, delivering unmatched efficiency and security.

Key Features of Suri Oculus

  • Suricata Event Handling: Easily view, analyze, and search Suricata logs. Quick access to the contents of the fast.log file ensures instant event display.
  • Suricata Rule Management: Customize your network security with tools for editing, deleting, adding, and blocking rules. This flexibility ensures your security measures are always up-to-date and effective.
  • Custom Rules: Implement additional rules to block specific sites and connections, such as social networks and advertising platforms. Tailor your security protocols to the unique needs of your network.
  • Indicators of Compromise (IoC): Integrate current IoCs to enhance threat detection and automate incident response. Stay ahead of potential threats with up-to-date information.
  • Statistics and Analytics: Analyze network traffic, attacks, threats, and more with comprehensive statistical reports. Gain valuable insights into your network’s security status.
  • Updates Management: Automatically or manually update Suricata rules based on observed activity and threats. Ensure your system always operates with the latest security measures.
  • Suricata Management: Easily switch between IDS and IPS modes with commands to restart, stop, and start Suricata. Adapt to changing security needs with ease.
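As an added illustration of the event handling described above (this is not Suri Oculus code, which is written in C++ and Rust), here is a parser for the standard Suricata fast.log line layout that turns each alert into a structured record, skips lines that do not match, and tallies the most frequent signatures; the log lines are constructed samples.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample lines in Suricata's fast.log layout; the "[Drop]" prefix
# is what Suricata writes when running in IPS mode and the packet was dropped.
SAMPLE_FASTLOG = """\
10/01/2024-09:15:02.123456  [**] [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 203.0.113.5:80 -> 192.0.2.10:51234
10/01/2024-09:15:03.000001  [Drop] [**] [1:1000001:1] LOCAL block social network [**] [Classification: Policy Violation] [Priority: 3] {TCP} 192.0.2.10:51240 -> 198.51.100.20:443
10/01/2024-09:15:04.500000  [**] [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 203.0.113.5:80 -> 192.0.2.11:51300
this is not a fast.log line
"""

# timestamp, optional [Drop]/[wDrop] action, [gid:sid:rev], message,
# optional classification, priority, protocol, then src:port -> dst:port
FASTLOG_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}/\d{4}-\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"(?:\[(?P<action>w?Drop)\]\s+)?\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s+(?P<classification>[^\]]*)\]\s+)?"
    r"\[Priority:\s+(?P<priority>\d+)\]\s+\{(?P<proto>[^}]+)\}\s+"
    r"(?P<src>\S+):(?P<sport>\d+)\s+->\s+(?P<dst>\S+):(?P<dport>\d+)\s*$"
)

def parse_fastlog_line(line):
    """Return a dict for one alert line, or None if the line is not fast.log."""
    m = FASTLOG_RE.match(line)
    if not m:
        return None  # skip malformed lines instead of aborting the whole read
    g = m.groupdict()
    for key in ("gid", "sid", "rev", "priority", "sport", "dport"):
        g[key] = int(g[key])
    g["ts"] = datetime.strptime(g["ts"], "%m/%d/%Y-%H:%M:%S.%f")
    g["action"] = g["action"] or "alert"   # no prefix means a plain alert (IDS)
    g["classification"] = g["classification"] or ""
    return g

def parse_fastlog(text):
    return [a for a in map(parse_fastlog_line, text.splitlines()) if a]

def top_signatures(alerts, n=3):
    """Most frequent signatures as (sid, count), a minimal 'statistics' view."""
    return Counter(a["sid"] for a in alerts).most_common(n)

if __name__ == "__main__":
    for a in parse_fastlog(SAMPLE_FASTLOG):
        print(a["ts"], a["action"], a["sid"], a["src"], "->", a["dst"], a["msg"])
    print(top_signatures(parse_fastlog(SAMPLE_FASTLOG)))
```

The same records can be pushed into a Redis list or hash instead of printed, which is the kind of log cache the announcement describes.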

Technical Excellence for High Performance

Suri Oculus is developed using C++ and Rust, ensuring high data processing speeds and low resource consumption. We use Redis as a cache for logs, which accelerates data access and reduces system load. By abandoning the heavy ELK stack, we significantly reduce hardware requirements, making the solution accessible to a wider range of users—including devices with limited capabilities like routers.

Scalability and Flexibility of Suri Oculus

Our architecture allows for easy scaling and customization to meet unique needs. Whether you’re managing a small network or a large enterprise, Suri Oculus adapts to provide the best security solutions.

Why Is This Important?

We strive to simplify the processes of monitoring and enhancing network security, making them accessible not only to large corporations but also to small companies and home users. Resource savings and high speed allow for effective network protection without the need for significant investments in infrastructure.

Join Us in a New Era of Network Security

We invite you to explore the features and benefits of Suri Oculus. Visit our website for detailed information and documentation on how Suri Oculus can revolutionize your network security.

Your feedback and suggestions are incredibly important to us. They will help guide the project’s development in the right direction and make it as useful as possible for the community.

We would greatly appreciate your attention and feedback!

Sincerely,
The Suri Oculus Team