Security Onion Documentation 2.3
Table of Contents
- About
  - Security Onion
  - Security Onion Solutions, LLC
  - Documentation
- Introduction
  - Overview
  - Analysis Tools
  - Deployment Scenarios
  - Conclusion
- Getting Started
  - License
  - Architecture
  - Hardware Requirements
  - Partitioning
  - Release Notes
  - Download
  - VMWare
  - VirtualBox
  - Booting Issues
  - Installation
  - AWS Cloud AMI
  - Configuration
  - After Installation
- Security Onion Console (SOC)
  - Alerts
  - Hunt
  - PCAP
  - Grid
  - Downloads
  - Administration
  - Kibana
  - Grafana
  - CyberChef
  - Playbook
  - Fleet
  - TheHive
  - ATT&CK Navigator
- Analyst VM
  - NetworkMiner
  - Wireshark
- Network Visibility
  - AF-PACKET
  - Stenographer
  - Suricata
  - Zeek
  - Strelka
- Host Visibility
  - osquery
  - Beats
  - Wazuh
  - Syslog
  - Sysmon
  - Autoruns
- Logs
  - Ingest
  - Filebeat
  - Logstash
  - Redis
  - Elasticsearch
  - ElastAlert
  - Curator
  - Data Fields
    - Alert Data Fields
    - Elastalert Fields
    - Zeek Fields
    - Community ID
  - Re-Indexing
- Updating
  - soup
  - End Of Life
- Accounts
  - Passwords
  - Adding Accounts
  - Listing Accounts
  - Disabling Accounts
- Services
- Customizing for Your Environment
  - Cortex
  - Proxy Configuration
  - Firewall
  - Email Configuration
  - NTP
  - SSH
  - Changing IP Addresses
- Tuning
  - Salt
  - Homenet
  - BPF
  - Managing Rules
  - Adding Local Rules
  - Managing Alerts
  - High Performance Tuning
- Tricks and Tips
  - Airgap
  - Backups
  - Docker
  - DNS Anomaly Detection
  - ICMP Anomaly Detection
  - Adding a new disk
  - PCAPs for Testing
  - Removing a Node
  - Syslog Output
  - UTC and Time Zones
- Utilities
  - jq
  - so-allow
  - so-import-pcap
  - so-monitor-add
  - so-test
  - so-zeek-logs
- Help
  - FAQ
  - Directory Structure
  - Tools
  - Support
  - Community Support
  - Help Wanted
- Security
- Appendix
  - Cheat Sheet