Merge pull request #1464 from madeline-underwood/snort3

Snort3_approved by AP for release.

Author: pareenaverma

content/learning-paths/servers-and-cloud-computing/snort3-multithreading/_index.md

@@ -1,21 +1,17 @@
 ---
-title: Scaling Snort 3 - use multithreading for improved performance
-
-draft: true
-cascade:
-    draft: true
+title: Optimize the performance of Snort 3 using multithreading
 
 minutes_to_complete: 45
 
-who_is_this_for: This blog is for engineers familiar with Snort who want to enhance its performance by leveraging the benefits of multithreading.
+who_is_this_for: This Learning Path is for software developers familiar with Snort who want to optimize performance by leveraging the benefits of multithreading.
 
 learning_objectives: 
-    - Install Snort with all of its dependencies.
+    - Install Snort and dependencies.
     - Configure Snort Lua files to enable multithreading.
     - Use multithreading to process capture files and measure performance.
 
 prerequisites:
-    - An Arm-based instance from a cloud provider or an Arm server running Ubuntu 20.04 or 22.04.
+    - An Arm-based instance from a cloud provider, or an Arm server running Ubuntu 20.04 or 22.04.
     - A basic understanding of Snort's operation and configuration.
 
 

content/learning-paths/servers-and-cloud-computing/snort3-multithreading/_next-steps.md

@@ -1,5 +1,5 @@
 ---
-next_step_guidance: To continue learning about enabling hyperscan on arm,please refer to the learning path provided below.
+next_step_guidance: To continue learning, try this next Learning Path about enabling hyperscan on Arm.
 
 recommended_path: /learning-paths/servers-and-cloud-computing/vectorscan/
 
@@ -20,3 +20,5 @@ weight: 21                  # set to always be larger than the content in this p
 title: "Next Steps"         # Always the same
 layout: "learningpathall"   # All files under learning paths have this same wrapper
 ---
+
+

content/learning-paths/servers-and-cloud-computing/snort3-multithreading/_review.md

@@ -7,7 +7,7 @@ review:
             - It allows Snort to detect encrypted traffic.
             - It improves packet processing performance. 
             - It enables Snort to be run on legacy hardware.
-            - It support multiple rule sets at the same time.
+            - It supports multiple rule sets at the same time.
         correct_answer: 2                    
         explanation: >
             It improves packet processing performance by parallelizing tasks.
@@ -16,26 +16,25 @@ review:
         question: >
             Which parameter is used to enable multithreading in Snort 3?
         answers:
-            - --max-packet-threads
-            - --enable-threads
-            - --enable-multithreading
-            - --packet-loop
+            - --max-packet-threads.
+            - --enable-threads.
+            - --enable-multithreading.
+            - --packet-loop.
         correct_answer: 1                   
         explanation: >
             --max-packet-threads parameter is used to enable and configure multithreading.
                
     - questions:
         question: >
-            In Snort 3, which DAQ (Data Acquisition) module is used to read capture files for packet processing?
+            In Snort 3, which Data Acquisition (DAQ) module is used to read capture files for packet processing?
         answers:
-            - afpacket
-            - vpp
-            - dump
-            - pcap
+            - afpacket.
+            - vpp.
+            - dump.
+            - pcap.
         correct_answer: 3          
         explanation: >
-            The dump module in Snort 3 is used to read capture files (such as .pcap or .pcapng files) for offline packet analysis. 
-
+            The dump module in Snort 3 is used to read capture files, such as .pcap or .pcapng files, for offline packet analysis.
 
 
 # ================================================================================

content/learning-paths/servers-and-cloud-computing/snort3-multithreading/build-and-install.md

@@ -1,24 +1,32 @@
 ---
-title: Installing Snort 3 and the required dependencies
+
+title: Install Snort 3 and Dependencies
 weight: 2
 
 ### FIXED, DO NOT MODIFY
 layout: learningpathall
 ---
 
-Snort is an Open Source Intrusion Prevention System (IPS). Snort uses a series of rules to define malicious network activity. If malicious activity is found, Snort generates alerts.
+## Snort 3
+
+Snort is an Open Source Intrusion Prevention System (IPS). Snort uses a series of rules to define malicious network activity. If malicious activity is detected, Snort generates alerts.
+
+Snort 3 benefits from multithreading, which means that it enables the concurrent processing of multiple packet processing threads with a single Snort instance. This optimization frees up additional memory for further packet processing.
+
+#### Enable multithreading
 
-Multithreading in Snort 3 refers to the ability to associate multiple threads with a single Snort instance enabling the concurrent processing of multiple packet files. This optimization frees up additional memory for further packet processing.
+In order to enable multithreading in Snort 3, specify the quantity of threads designated for processing network traffic using either of these two options:
 
-In order to enable multithreading in Snort 3, specify the number of threads designated for processing network traffic using either the `--max-packet-threads` or `-z` option. 
+* `--max-packet-threads`
+* `-z` 
 
 {{%notice Note%}}
-    The instructions provided have been tested on AWS EC2 Graviton4 instance, based on Neoverse V2. The examples are easiest to use if you have at least 16 cores in the system. 
+    These instructions have been tested on an AWS EC2 Graviton4 instance, based on Arm Neoverse V2. The examples work best if you have at least 16 cores in your system. 
 {{%/notice%}}
 
-## Compile and build Snort3
+### How do I compile and build Snort 3?
 
-To install Snort 3, use a text editor to save the script below on your Arm server in a file named `install-snort.sh`.
+To install Snort 3, use a text editor to copy-and-paste the text below and save the script on your Arm server in a file named `install-snort.sh`.
 
 <!-- add github link for the below file [build_snort3.sh]() -->
 ``` bash
@@ -40,7 +48,7 @@ declare -a PACKAGE_URLS=(
 "https://github.com/gperftools/gperftools/releases/download/gperftools-2.13/gperftools-2.13.tar.gz"
 )
 
-downlaodPackages()
+downloadPackages()
 {
     for url in "${PACKAGE_URLS[@]}"; do
         # Extract the file name from the URL
@@ -89,7 +97,7 @@ installPackages()
     sudo apt-get install -y $LIST_OF_APPS
 
     # required to get optimized result from Snort3
-    downlaodPackages
+    downloadPackages
     mkdir -p ${ROOT_DIR}/snort3
     tar -xzf 3.3.5.0.tar.gz --directory  ${ROOT_DIR}/snort3 --strip-components=1
     echo "@@@@@@@@@@@@@@@@@@     Installing Snort3 Dependencies ...     @@@@@@@@@@@@@@@@@@@@"
@@ -193,21 +201,21 @@ echo 'make sure to source ~/.bashrc or set LD_LIBRARY_PATH using:"'
 echo '   export LD_LIBRARY_PATH="/usr/local/lib:$LD_LIBRARY_PATH"'
 ```
 
-The script takes 2 arguments:
-- the directory used to build Snort3 and its dependencies 
-- the number of processors to use for the build.
+The script takes two arguments:
+* The directory used to build Snort 3 and its dependencies. 
+* The number of processors to use for the build.
 
-To build in a new directory named `build` with the number of processors in your system, run the script:
+To create a new directory named `build` which lists the number of processors in your system, run the script:
 
 ```bash
 bash ./install-snort.sh build `nproc`
 ```
 
-You don't need to run the script as `root` but it assumes you are on Ubuntu 20.04 or 22.04 and have sudo permission. 
+You do not need to run the script as `root`, but you do need to be running Ubuntu 20.04 or 22.04, and have sudo permission. 
 
-When the build completes you have the `snort3` directory with all compiled software, and the `snort` executable is located in `/usr/local/bin`.
+When the build completes, you will have the Snort 3 directory with all compiled software, and the `snort` executable will be located in `/usr/local/bin`.
 
-To verify the installation is complete, run the command below and see the version printed:
+To verify completed installation, run the command below and look at the version that it prints to screen:
 
 ```bash { output_lines = "2-20" }
  snort -V
@@ -228,6 +236,8 @@ To verify the installation is complete, run the command below and see the versio
 
 ```
 
-Don't delete the `build` directory as it will be used in the next step.
+{{% notice Note %}}
+Do not delete the `build` directory as you will use it in the next step.
+{{% /notice %}}
 
-Proceed to learn how to test Snort3 multithreading.
+Now you can move on to learn about how to test Snort 3 multithreading.