EveBox

EveBox is a Suricata alert and event management tool for the Suricata IDS/NSM Engine.

It can be used against your existing ELK stack, or as a standalone Suricata event manager using its embedded SQLite database for small deployments, or Elasticsearch/Opensearch for larger deployments.

Screenshots

Dark
Light

Inbox Dark

Downloads

First, are you looking for a really simple way to get started? If so here are a couple of options:

EveCtl: My menu driven CLI tool that wraps up Suricata, EveBox and optionally Elasticsearch in one easy to manage package.
Clear NDR Community Edition, formerly known as SELKS includes EveBox.

Otherwise if you are more into DIY and want to run/manage Suricata and EveBox on your own, here are the options for downloading Evebox:

Screenshots​

Downloads​

Zip Packages​

Linux Repos​

Linux Packages​

Development Builds​

Screenshots

Downloads

Zip Packages

Linux Repos

Linux Packages

Development Builds