<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2180921&amp;fmt=gif">

Using Jupyter with Suricata

Stamus Labs has developed specialized Jupyter Playbooks for Suricata to interact with Clear NSR™ - Community (formerly known as SELKS) for threat hunting and data exploration. Suricata users, especially ones using Clear NDR, can use the playbooks to explore Suricata EVE JSON logs and extract useful insights from EVE NSM data

Example use cases include:

  • Update Suricata rules
  • Interact with Suricata for threat hunting and data exploration
  • Statistical analysis on event_type records
  • Suricata for IP Investigation
  • Parse PCAPs with Suricata

Join the Community Discussion

Have questions or comments about the Jupyter Playbooks project?

Interested in contributing to the code or knowledge base?


Open your pull request on the project's GitHub repository.

Or join the discussion on our Discord server.

Go to Jupyter Playbooks on GitHub
Join Stamus Labs on Discord

Additional Resources

Jupyter Playbooks for Suri - Part 1

Jupyter Playbooks for Suricata - Part 1

Read More
Jupyter Playbooks for Suri - Part 2

Jupyter Playbooks for Suricata - Part 2

Read More
Jupyter Playbooks for Suri - Part 3

Jupyter Playbooks for Suricata - Part 3

Read More