Once you’ve logged into Security Onion Console (SOC), you can then click the Grafana link to see system health information.
By default, you will be viewing Grafana as an anonymous user. If you want to make changes to the default Grafana dashboards, you will need to log into Grafana with username
admin and the randomized password found via
sudo salt-call pillar.get secrets.
Grafana configuration can be found in
/opt/so/conf/grafana/etc/. However, please keep in mind that most configuration is managed with Salt, so if you manually make any modifications in
/opt/so/conf/grafana/etc/, they may be overwritten at the next salt update.