suricata-offline-evejson

Community

Offline Suricata PCAP testing with eve.json.

Author: KaiserWhoLearns
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

Analyze offline PCAPs by running Suricata and validating results via eve.json, enabling repeatable security testing without live traffic.

Core Features & Use Cases

  • Offline PCAP processing with a configurable rules file and log directory.
  • Outputs eve.json logs and a concise summary of detected alerts for quick triage.
  • Real-world use: security engineers can test new IDS rules on known PCAP samples and compare signature matches.

Quick Start

Run Suricata in offline mode on a PCAP with a local rules file and point the log output directory to a writable path, then review the eve.json alerts summary.
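As an added illustration of the workflow above (not code from the skill itself), the following builds the offline Suricata invocation and summarises the resulting eve.json alerts by signature. It replaces the skill's jq step with a small Python reader so the summary logic is visible; the rule names, sids and eve.json lines at the bottom are constructed sample data.

```python
import json
import subprocess
from collections import Counter
from pathlib import Path

def suricata_offline_cmd(pcap, rules, logdir):
    """Offline run: -r replays a PCAP instead of sniffing an interface,
    -S loads only the given rules file, -l selects a writable log directory."""
    return ["suricata", "-r", str(pcap), "-S", str(rules), "-l", str(logdir)]

def run_suricata_offline(pcap, rules, logdir):
    """Run Suricata on the PCAP and return the path of the eve.json it writes."""
    Path(logdir).mkdir(parents=True, exist_ok=True)
    subprocess.run(suricata_offline_cmd(pcap, rules, logdir), check=True)
    return Path(logdir) / "eve.json"

def summarize_alerts(eve_lines):
    """Count alert events per (sid, signature, severity) from eve.json lines.
    Other event types (flow, dns, stats, ...) are skipped; unparsable lines are
    counted separately so a truncated or corrupt log is noticed, not ignored."""
    counts = Counter()
    bad = 0
    for line in eve_lines:
        line = line.strip()
        if not line:
            continue
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            bad += 1
            continue
        if ev.get("event_type") != "alert":
            continue
        a = ev.get("alert", {})
        counts[(a.get("signature_id"), a.get("signature"), a.get("severity"))] += 1
    return counts, bad

# Constructed eve.json sample: two hits on one local rule, one on another,
# one non-alert flow record and one corrupt line.
SAMPLE_EVE = [
    '{"event_type":"alert","src_ip":"10.0.0.5","alert":{"signature_id":1000001,"signature":"LOCAL test rule A","severity":2}}',
    '{"event_type":"flow","src_ip":"10.0.0.5","dest_ip":"10.0.0.9"}',
    '{"event_type":"alert","src_ip":"10.0.0.7","alert":{"signature_id":1000002,"signature":"LOCAL test rule B","severity":3}}',
    '{"event_type":"alert","src_ip":"10.0.0.5","alert":{"signature_id":1000001,"signature":"LOCAL test rule A","severity":2}}',
    '{"event_type":"alert","src_ip":"10.0.0.',
]

if __name__ == "__main__":
    counts, bad = summarize_alerts(SAMPLE_EVE)
    for (sid, name, sev), n in counts.most_common():
        print(f"{n:4d}  sid={sid}  sev={sev}  {name}")
    print(f"unparsable lines: {bad}")
```

On a real run, pass `open(run_suricata_offline("sample.pcap", "local.rules", "out"))` to `summarize_alerts` instead of the constructed list.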

Dependency Matrix

Required Modules

suricata, jq

Components

scripts

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: suricata-offline-evejson
Download link: https://github.com/KaiserWhoLearns/skillsbench/archive/main.zip#suricata-offline-evejson

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
