GridΒΆ

Security Onion Console (SOC) gives you access to our Grid interface. This interface allows you to quickly check the status of all nodes in your grid. It also includes a few different EPS (events per second) measurements:

  • EPS (also shown as Production EPS) is how much a node is producing. This is taken from the number of events out in Filebeat.
  • Consumption EPS is how much a search node is consuming.
  • Grid EPS in the upper right corner is the sum of all Consumption EPS measurements in the entire grid.
_images/grid.png

If you have purchased our official Security Onion Solutions appliances, then the grid page will show pictures of the front and rear of the appliances, useful for walking through connectivity discussions with personnel in the data center. If you are not using official Security Onion Solutions appliances, then it will simply display a message to that effect. This also applies to the Raid Status field in the expanded grid panel: If you are using an official Security Onion appliance with raid support then you will see the corresponding status appear in that field.

If any nodes show anything other than OK, then run so-status on the node and check logs in /opt/so/log/.