How to download, build and run Dragonfly MLE on a Linux host (example: Ubuntu) without using Docker

There are a few things to consider:

The example below uses Ubuntu 16.04 (Ubuntu 16.04.5 LTS) as the base platform. Results may vary on a different version or flavor of Linux, and the build environment may need some edits to make it work.

Make sure Suricata is installed and running on the system. The eve.json log is expected in /var/log/suricata/.

The apt-get, make install and cp commands below write to system locations, so run them as root or prefix them with sudo.

Finally, here are the steps:

build dragonfly-mle

$ apt-get update
$ apt-get install -y zlib1g-dev libluajit-5.1 liblua5.1-dev lua-socket libcurl4-openssl-dev libatlas-base-dev libhiredis-dev git make libmicrohttpd-dev
$ git clone -b devel https://github.com/counterflow-ai/dragonfly-mle
$ cd dragonfly-mle/src
$ make
$ make install
$ cd ../..
# optional
$ rm -rf dragonfly-mle

build redis

$ git clone https://github.com/antirez/redis.git
$ cd redis/src
$ make
$ make install
$ cd ../..
# optional
$ rm -rf redis

build redis ML

$ git clone https://github.com/RedisLabsModules/redis-ml.git
$ cd redis-ml/src
$ make
$ cp redis-ml.so /usr/local/lib
$ cd ../..
# optional
$ rm -rf redis-ml

make sure Suricata is running and its output is being written to /var/log/suricata/eve.json

run Dragonfly MLE

$ redis-server --loadmodule /usr/local/lib/redis-ml.so --daemonize yes && /usr/local/dragonfly-mle/bin/dragonfly-mle
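
A preflight check for the prerequisites the steps above rely on, as an added example that is not part of the Dragonfly MLE project: it confirms eve.json is fresh and ends in a complete EVE record, that redis-ml.so is not world-writable before redis-server loads it, and that the dragonfly-mle binary is in place. The function names, the 5-minute freshness window and the EVE/MODULE/MLE variables are assumptions; the default paths are the ones used on this page.

```shell
#!/bin/sh
# Added example. Defaults are the paths used in the steps above.
EVE="${EVE:-/var/log/suricata/eve.json}"
MODULE="${MODULE:-/usr/local/lib/redis-ml.so}"
MLE="${MLE:-/usr/local/dragonfly-mle/bin/dragonfly-mle}"

# True if FILE ($1) is non-empty and was modified less than MINUTES ($2) ago.
eve_fresh() {
    [ -s "$1" ] && [ -n "$(find "$1" -mmin "-$2" 2>/dev/null)" ]
}

# True if the last line of FILE looks like a complete EVE record:
# one JSON object that carries an "event_type" key.
eve_last_event_ok() {
    last=$(tail -n 1 "$1" 2>/dev/null) || return 1
    case "$last" in
        '{'*'"event_type"'*'}') return 0 ;;
        *) return 1 ;;
    esac
}

# True if FILE is a regular file that is not world-writable. redis-server
# loads the module into its own process, so whoever can overwrite the file
# gets code execution as the Redis user.
not_world_writable() {
    [ -f "$1" ] && [ -z "$(find "$1" -perm -0002 2>/dev/null)" ]
}

# check LABEL COMMAND...: run COMMAND, print the result, count failures.
check() {
    label=$1; shift
    if "$@"; then echo "ok    $label"; else echo "FAIL  $label"; fails=$((fails + 1)); fi
}

# Run every check; the return status is the number of failed checks.
preflight() {
    fails=0
    check "eve.json modified in the last 5 minutes" eve_fresh "$EVE" 5
    check "eve.json ends in a complete EVE record" eve_last_event_ok "$EVE"
    check "redis-ml.so present and not world-writable" not_world_writable "$MODULE"
    check "dragonfly-mle binary is executable" test -x "$MLE"
    return "$fails"
}

if [ "${1:-}" = "--run" ]; then preflight; fi
```

Saved under a name of your choice (for example preflight.sh) and run with --run before the final step, it exits with the number of failed checks, so 0 means all four passed.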

You can always find updated sources at https://github.com/counterflow-ai/dragonfly-mle