Mac OS X 10.11 El Capitan with Homebrew.¶

This installation guide should be valid for the following:

Suricata 3.2.1 on 10.12 (Sierra) w/Homebrew
Suricata 3.0 on 10.11 w/Homebrew
Suricata 2.0.11 on 10.11 w/Homebrew
Suricata 3.0 on 10.10 w/Homebrew
Suricata 2.0.11 on 10.10 w/Homebrew

Pre-Installation Requirements¶

XCode and Homebrew are installed and working. Head over to http://brew.sh/ for more information on installing Homebrew.

Install dependencies:

brew install pkg-config libmagic libyaml nss nspr jansson libnet lua pcre

Download and Extract Suricata

curl -O http://www.openinfosecfoundation.org/download/suricata-3.1.tar.gz
tar zxvf suricata-3.1.tar.gz
cd suricata-3.1

Building Suricata¶

Configure:

CC=llvm-gcc ./configure --sysconfdir=/etc --localstatedir=/var \
  --with-libpcre-includes=/usr/local/include --with-libpcre-libraries=/usr/local/lib \
  --with-libnss-includes=/usr/local/opt/nss/include/nss --with-libnss-libraries=/usr/local/opt/nss/lib \
  --with-libnspr-includes=/usr/local/opt/nspr/include/nspr --with-libnspr-libraries=/usr/local/opt/nspr/lib \
  --enable-ipfw --enable-lua

Make and install:

make

sudo make install

To install the default configuration files:

make install-conf

To install with an initial set of ET Open rule files:

make install-full

Required Configuration Fixup¶

Versions 3.0 and earlier require a modification to the suricata.yaml before running Suricata. The following line in the configuration file must be commented out or removed:

magic-file: /usr/share/file/magic

Please continue with the Basic Setup.

Files (0)

Project

General

Profile

Suricata

Wiki

Mac OS X 10.11 El Capitan with Homebrew.¶

Pre-Installation Requirements¶

Building Suricata¶

Required Configuration Fixup¶