Netgate SG-1000 microFirewall

Author Topic: Future deprecation of some Suricata features  (Read 200 times)

0 Members and 1 Guest are viewing this topic.

Offline bmeeks

  • Hero Member
  • *****
  • Posts: 3403
  • Karma: +895/-0
    • View Profile
Future deprecation of some Suricata features
« on: December 21, 2017, 09:55:24 am »
The Suricata developers have published a list of deprecated features.  Most of the listed features will disappear from Suricata within the next two years, although some are only one year from removal.  The list and details are here:  https://suricata-ids.org/about/deprecation-policy/.

The one most likely impact to the pfSense Suricata package is the removal of unified2 binary log outputs.  This is the log format that Barnyard2 depends upon, so once unified2 binary logging is removed from Suricata the Barnyard tab will cease to have any benefit.  So expect Barnyard2 support to disappear in the future and plan accordingly (if you use it).  I suspect most Suricata users instead make use of EVE logging options and feed logs to an external ELK stack for analysis.

For those of you that have asked about CUDA support on pfSense in the past, notice that CUDA support is also being deprecated and will soon be removed from Suricata.

Bill