First Time Users

If this is your first time using Security Onion 2, then we highly recommend that you start with a simple IMPORT installation using our Security Onion ISO image (see the Download section). This can be done in a minimal virtual machine (see the VMware and VirtualBox sections) with as little as 4GB RAM, 2 CPU cores, and 200GB of storage.

The following screenshots will walk you through:

  • installing our Security Onion ISO image
  • configuring for IMPORT
  • optionally enabling the Analyst environment (see the Analyst VM section)
  • running so-import-pcap and importing one or more pcap files

After following the screenshots, you can skip to the Security Onion Console (SOC) section.

Once you’re comfortable with your IMPORT installation, then you can move on to more advanced installations as shown in the Architecture section.

_images/1_grub.png _images/2_initial_install.png _images/3_initial_install_finished.png _images/4_setup_init.png _images/5_setup_option.png _images/6_setup_type.png _images/7_setup_license.png _images/8_setup_hostname.png _images/9_setup_hostname_conflict.png _images/10_setup_mn_nic.png _images/11_setup_mn_int.png _images/12_setup_cidr.png _images/13_setup_gateway.png _images/14_setup_dns_servers.png _images/15_setup_dns_domain.png _images/16_setup_network_init.png _images/17_setup_airgap.png _images/18_setup_direct_proxy.png _images/19_setup_homenet.png _images/20_setup_webuser.png _images/21_setup_webpass1.png _images/22_setup_webpass2.png _images/23_setup_access_type.png _images/24_setup_ntp.png _images/25_setup_npt_input.png _images/26_setup_so_allow.png _images/27_setup_so_allow_input.png _images/28_setup_summary.png _images/29_setup_finished.png _images/30_so_analyst_install.png _images/31_so_analyst_install_finished.png _images/32_gnome_user.png _images/33_gnome_pass.png _images/34_gnome_desktop.png _images/35_gnome_apps.png _images/36_login.png _images/37_welcome.png _images/38_so-import-pcap.png _images/44_alerts.png _images/45_dashboards.png _images/39_hunt.png _images/40_pcap.png _images/41_pcap_details.png _images/42_cyberchef.png _images/43_top.png