Security Onion
latest
Security Onion Documentation
Table of Contents
About
    Security Onion
    Security Onion Solutions, LLC
    Documentation
Introduction
    Core Components
    Analysis Tools
    Deployment Scenarios
    Conclusion
Getting Started
    Use Cases
    Architecture
    Hardware Requirements
    HWE
    Download
    VMWare
    VirtualBox
    Booting Issues
    Installation
    ISO Release Notes
    Quick Evaluation using Security Onion ISO image
    Quick Evaluation on Ubuntu
    Production Deployment
    After Installation
    Secure Boot
Analyst Tools
    Kibana
    CapME
    CyberChef
    Squert
    Sguil
    NetworkMiner
    Wireshark
Network Visibility
    NIDS
    Snort
    Suricata
    Zeek
    netsniff-ng
Host Visibility
    Beats
    Wazuh
    Sysmon
    Autoruns
    Syslog
Elastic Stack
    Elasticsearch
    Logstash
    Kibana
    ElastAlert
    Curator
    FreqServer
    DomainStats
    Docker
    Redis
    Data Fields
    Alert Data Fields
    Zeek Fields
    Elastalert Fields
    Re-Indexing
    Elastic Features
    Elastic Auth
Updating
    Updating
    MySQL Upgrade Errors
    apt-cacher-ng
    End Of Life
Accounts
    Passwords
    Adding Accounts
    Listing Accounts
    Disabling Accounts
Customizing for Your Environment
    Network Configuration
    Proxy Configuration
    Firewall
    Email Configuration
    Changing IP Addresses
    NTP
Tuning
    BPF
    Managing Rules
    Adding Local Rules
    Managing Alerts
    PF-RING
    AF-PACKET
    High Performance Tuning
    MySQL Tuning
    Trimming PCAPs
    Disabling Processes
Tricks and Tips
    Airgapped Networks
    Analyst VM
    Best Practices
    Cloud Client
    Connecting to Sguild
    Disabling Desktop
    DNS Anomaly Detection
    ICMP Anomaly Detection
    MetaPackages
    Adding a new disk
    PCAPs for Testing
    Removing a Sensor
    Salt
    Sensor Stops Seeing Traffic
    SSH
    UTC and Time Zones
Services
    All services
    Server services
    Sensor services
    Elastic services
Utilities
    jq
    Setup
    so-allow
    so-elasticsearch-query
    so-import-pcap
Help
    FAQ
    Directory Structure
    Tools
    Support
    Mailing Lists
    Help Wanted
Integrations
    AlienVault-OTX
    Etherpad
    FIR
    GRR
    TheHive
    MISP
    NtopNG
    RITA
    Strelka
    Syslog Output
Security
Appendix
    ELSA to Elastic
    Upgrading from 14.04 to 16.04
Cheat Sheet