// Add steps as necessary for accessing the software, post-configuration, and testing. Don’t include full usage instructions for your software, but add links to your product documentation for that information. //Should any sections not be applicable, remove them == Test the deployment // If steps are required to test the deployment, add them here. If not, remove the heading Perform the following steps to verify that Suricata is installed and running on the target instances. . Make a note of the *TargetInstanceASG* value shown in the *Outputs* tab. . Using either AWS CLI or the AWS Management Console, identify the IDs of the instances in the Auto Scaling group. For example, you can use the following CLI command to fetch the instance IDs. + ``` aws autoscaling describe-auto-scaling-groups --auto-scaling-group-name ${YOUR_ASG_NAME} --region ${DEPLOY_REGION} | grep -i instanceid | awk '{print $2}' ``` Sample output: + ``` "i-0c28001ae82907b0a", "i-0c425ea76fe462214", ``` + . Using either AWS CLI or the AWS Management Console, connect to any of the instances in the output of the previous command and verify that Suricata is installed. + ``` aws ssm start-session --target ${INSTANCE_ID} --region ${DEPLOY_REGION} # In the started session sudo su ec2-user # Verify Suricata version suricata build-info | head -1 # Verify Suricata service status systemctl status suricata ``` + Sample output: + ``` % aws ssm start-session --target ${INSTANCE_ID} --region ${DEPLOY_REGION} Starting session with SessionId: xxxx-yyyy-12345678abcd8888a sh-4.2$ sudo su ec2-user [ec2-user@ip-10-0-17-42 bin]$ suricata build-info | head -1 Suricata 6.0.3 [ec2-user@ip-10-0-17-42 bin]$ systemctl status suricata ● suricata.service - Suricata Intrusion Detection Service Loaded: loaded (/usr/lib/systemd/system/suricata.service; enabled; vendor preset: disabled) Active: active (running) since Thu 2021-07-22 05:17:33 UTC; 24h ago Docs: man:suricata(1) Main PID: 6879 (Suricata-Main) CGroup: /system.slice/suricata.service └─6879 /sbin/suricata -c /etc/suricata/suricata.yaml --pidfile /var/run/suricata.pid -i eth0 --user suricata Jul 22 05:17:33 ip-10-0-17-42.us-west-2.compute.internal systemd[1]: Starting Suricata Intrusion Detection Service... Jul 22 05:17:33 ip-10-0-17-42.us-west-2.compute.internal systemd[1]: Started Suricata Intrusion Detection Service. ...output truncated... ```