Suri-Oculus Project
Over time, any growing project faces the same issue: the expansion of supported platforms begins to slow down development instead of accelerating adoption. In Suri Oculus, we reached that point. We currently build and maintain packages for multiple distributions: RHEL, Fedora, Debian, Ubuntu, and their […]
Introduction By default, Suricata writes events to eve.json. It is a standard and convenient mechanism, but under real load it quickly becomes a bottleneck. If you are building not just an IDS, but a traffic analysis system, the file-based model starts to limit your architecture. […]
Suri Oculus is not just a web interface for Suricata.It is a traffic management, visualization, and analytics system built around one core idea: understanding network behavior — not just collecting alerts. It is important to clearly define who this project is truly for. System Administrators […]
A Practical Guide to Setup, Rules, and Testing When deploying Suri Oculus, it is not enough to simply start Suricata. It must be configured correctly to ensure: Proper traffic capture Full signature loading Support for custom rules IOC integration Clean data for behavioral analysis Below […]
Work is currently underway on an extension module for Suri Oculus.The release is planned for May 2026. The extension focuses on a different analytical perspective: not event-centric, but host-centric analysis. Instead of examining individual alerts in isolation, the system will analyze device behavior over time. […]
Suricata is a powerful open-source IDS/IPS engine widely used in enterprise networks and security monitoring systems.Suri Oculus is a high-performance management and visualization platform built on top of Suricata, providing fast log processing, advanced analytics, AI-based anomaly detection, and convenient rule management. This guide walks […]
Intelligent Security, Evolving Protection