The only real downside to your hybrid system may be the even even larger uptick in flagged issues. However, considering that the objective of an IDS should be to flag possible intrusions, it’s hard to see this boost in flags as being a detrimental. Suricata is probably the key alternative https://codyrttuu.blogstival.com/55265785/everything-about-ids
