You can find the documentation at doc/html/index.html or doc/latex/refman.pdf.
Clone the git repository:
$ git clone https://bitbucket.org/thithib/cerids cerids
To install CerIDS on a Debian stable (jessie) host, you must install the following packages :
`$ apt install build-essential libpcap-dev libpcre3-dev libcunit1-dev
Then, cd to the source directory and run make
$ cd src/ && make
To listen on the eth0 interface, launch cerids as root with this command:
# ./cerids -i eth0
To enable the debug mode (no background, messages to stdout):
# ./cerids -i eth0 -d
To run on a pcap file (for instance, example.pcap):
# ./cerids -f example.pcap
To get some help:
# ./cerids -h