Autosuricata: September 2025 update

Hey everyone, quite some time ago, I discussed some side projects of mine that I’ve worked on. I’d like to announce some updates I’ve made to one of those projects, Autosuricata. In a nutshell this project is a shell script designed to build and compile the latest stable release of Suricata from source on practically any Linux-based system that utilizes the apt package manager.

I made this script some time ago to serve as a companion with the Building Virtual Machine Labs book. Here are some highlights with this month’s new release:

• Confirmed support for Suricata 8.0.0,

• vectorscan installed and compiled manually for hyperscan support,

• DPDK support also manually installed/compiled to support DPDK features in suricata,

• Downloading and installing the latest DPDK LTS release (24.11.3),

• Most compile processes changed from make to make -j to speed up compilation on multi-core systems,

• Confirmed support and functionality on Debian 13 (in addition to Ubuntu 22.04 and 24.04),

Detailed instructions on usage, are available in the readme.md, and are very straightforward. By default, this script installs and assumes inline mode operation with AFPACKET bridging, but the docs will guide you on which bits you’d need to change to do passive operation.

Finally, some of the bits, (vectorscan, and DPDK both) take a significant amount of time to compile. If you need to know what the script is doing while its running, a log file is created and updated in realtime at /var/log/autosuricata_install.log. So users can run tail -f /var/log/autosuricata_install.log in a separate terminal window to follow along.

As always, happy hunting.

-Tony Robinson