SNORT is an open source intrusion detection/prevention system that is capable of real-time traffic analysis and packet logging. Extremely popular, SNORT is the tool of choice for the open source community. While there are a number of other NIDS and NIPS out there, we will stick to SNORT for the purposes of this section.
SNORT is available from the https://www.snort.org/ website:
It makes a lot of sense to go through the documentation available on the website as this information is updated on a fairly regular basis.
At the time of writing, SNORT is available in flavors that run on some Linux ...