First Time Users

If this is your first time using Security Onion 2, then we highly recommend that you start with a simple IMPORT installation using our Security Onion ISO image (see the Download section). This can be done in a minimal virtual machine (see the VMware and VirtualBox sections) with only 4GB RAM.

Simply follow the screenshots below to:

  • install our Security Onion ISO image
  • configure for IMPORT
  • optionally enable the Analyst environment (see the Analyst VM section)
  • run so-import-pcap and import one or more pcap files

After following the screenshots, you can skip to the Security Onion Console (SOC) section.

Once you’re comfortable with your IMPORT installation, then you can move on to more advanced installations as shown in the Architecture section.

_images/1_grub.png _images/2_initial_install.png _images/3_initial_install_finished.png _images/4_setup_init.png _images/5_setup_option.png _images/6_setup_type.png _images/7_setup_license.png _images/8_setup_hostname.png _images/9_setup_hostname_conflict.png _images/10_setup_mn_nic.png _images/11_setup_mn_int.png _images/12_setup_cidr.png _images/13_setup_gateway.png _images/14_setup_dns_servers.png _images/15_setup_dns_domain.png _images/16_setup_network_init.png _images/17_setup_airgap.png _images/18_setup_direct_proxy.png _images/19_setup_homenet.png _images/20_setup_webuser.png _images/21_setup_webpass1.png _images/22_setup_webpass2.png _images/23_setup_access_type.png _images/24_setup_ntp.png _images/25_setup_npt_input.png _images/26_setup_so_allow.png _images/27_setup_so_allow_input.png _images/28_setup_summary.png _images/29_setup_finished.png _images/30_so_analyst_install.png _images/31_so_analyst_install_finished.png _images/32_so-import-pcap.png _images/34_desktop.png _images/35_desktop_menu.png _images/36_login.png _images/37_welcome.png _images/38_hunt.png _images/40_pcap.png _images/41_pcap_details.png _images/42_cyberchef.png _images/43_top.png