Add suricata configuration files

config/suricata/custom.yaml

@@ -0,0 +1,17 @@
+%YAML 1.1
+---
+outputs:
+  - eve-log:
+      enabled: yes
+      filetype: regular
+      filename: /tmp/eve.json
+      filemode: 660
+      types:
+        - alert:
+             tagged-packets: yes
+             http: yes
+             tls: yes
+
+        - drop:
+            alerts: yes
+            flows: start

config/suricata/suricata.conf

@@ -0,0 +1,6 @@
+[[inputs.tail]]
+  data_format = "json"
+  files = ["/tmp/eve.json"]
+  name_override = "suricata"
+  tag_keys = ["event_type","src_ip","src_port","dest_ip","dest_port"]
+  json_string_fields = ["*"]