Security Onion Documentation

Table of Contents

  • About
    • Security Onion
    • Security Onion Solutions, LLC
    • Documentation
  • Introduction
    • Overview
    • Analysis Tools
    • Deployment Scenarios
    • Conclusion
  • Getting Started
    • License
    • Architecture
    • Hardware Requirements
    • Partitioning
    • Release Notes
    • Download
    • VMWare
    • VirtualBox
    • Booting Issues
    • Installation
    • AWS Cloud AMI
    • Configuration
    • After Installation
  • Security Onion Console (SOC)
    • Alerts
    • Hunt
    • PCAP
    • Grid
    • Downloads
    • Administration
    • Kibana
    • Grafana
    • CyberChef
    • Playbook
    • Fleet
    • TheHive
    • ATT&CK Navigator
  • Analyst VM
    • NetworkMiner
    • Wireshark
  • Network Visibility
    • AF-PACKET
    • Stenographer
    • Suricata
    • Zeek
    • Strelka
  • Host Visibility
    • osquery
    • Beats
    • Wazuh
    • Syslog
    • Sysmon
    • Autoruns
  • Logs
    • Ingest
    • Filebeat
    • Logstash
    • Redis
    • Elasticsearch
    • ElastAlert
    • Curator
    • Data Fields
    • Alert Data Fields
    • Elastalert Fields
    • Zeek Fields
    • Community ID
    • Re-Indexing
  • Updating
    • soup
    • End Of Life
  • Accounts
    • Passwords
    • Adding Accounts
    • Listing Accounts
    • Disabling Accounts
  • Services
  • Customizing for Your Environment
    • Cortex
    • Proxy Configuration
    • Firewall
    • Email Configuration
    • NTP
    • SSH
    • Changing IP Addresses
  • Tuning
    • Salt
    • Homenet
    • BPF
    • Managing Rules
    • Adding Local Rules
    • Managing Alerts
    • High Performance Tuning
  • Tricks and Tips
    • Airgap
    • Backups
    • Docker
    • DNS Anomaly Detection
    • ICMP Anomaly Detection
    • Adding a new disk
    • PCAPs for Testing
    • Removing a Node
    • Syslog Output
    • UTC and Time Zones
  • Utilities
    • jq
    • so-allow
    • so-import-pcap
    • so-monitor-add
    • so-test
    • so-zeek-logs
  • Help
    • FAQ
    • Directory Structure
    • Tools
    • Support
    • Community Support
    • Help Wanted
  • Security
  • Appendix
  • Cheat Sheet

© Copyright 2021 Revision bfb1e9fb.
