Hi want to build a container to run Surricata and Zeek to do network analysis.
See two possible approaches.
1) using PCIe passthought to pass the 2.5 Gbps ethernet card through to a container(is that possible on a container?) That runs both Zeek and Surricata.
2) Use 2 containers with a bridge network sharing the traffic to 2 virtual ports(1 on each container) with Surricata running on one, and Zeek on the other.
Thanks D
See two possible approaches.
1) using PCIe passthought to pass the 2.5 Gbps ethernet card through to a container(is that possible on a container?) That runs both Zeek and Surricata.
2) Use 2 containers with a bridge network sharing the traffic to 2 virtual ports(1 on each container) with Surricata running on one, and Zeek on the other.
Thanks D