Scirius Community Edition is a web interface dedicated to Suricata ruleset management. It handles the rules file and update associated files.
Scirius CE is developed by Stamus Networks and is available under the GNU GPLv3 license.
Scirius can build Suricata ruleset composed of different sources. Sources or feeds can be picked from public sources published by OISF or can be custom.
Scirius will take care of refreshing the sources and composing the ruleset by applying your transformation on it.
Transformations like disabling a rule or applying a threshold (to lower the noise only) can be made for each rule or at the category level.
Scirius also presents statistics on rules activity to give information and facilitate the tuning.
Scirius Documentation is on readthedocs.
You can join IRC #SELKS channel on irc.freenode.net to get help.
You can also ask Scirius related questions on SELKS Forum.
You can report an issue on GitHub issue page.
From improving the documentation to coding new features, there is more than one way to contribute to Scirius. And for all contributions please use a Pull Request on Github.
You can run a local developement environment with the following step: docker compose up -d
This will spin up a scirius container based on the local code with hot reload. This will also create dependencies containers like fluentd, postgres and elasticsearch.
Please note, that this is development only and some services are going to be open to the local network (or more depending on your setup) without authentication. Please use ClearNDR with stamusctl <https://github.com/StamusNetworks/stamusctl> for production installation
