Tricks and Tips

This section is a collection of miscellaneous tricks and tips for Security Onion.

  • Backups
    • Elasticsearch
  • Docker
    • Download
    • Security
    • Elastic
    • Images
    • Logs
    • Registry
    • Networking and Bridging
    • Containers
    • VMware Tools
    • Dependencies
    • More Information
  • DNS Anomaly Detection
  • Endgame
    • Configuration
    • Example Endgame Data
    • Pivot to Endgame Console
  • ICMP Anomaly Detection
    • Usage
    • Presentation
    • Download
  • Jupyter Notebook
    • Overview
    • Security Onion Setup
    • Jupyter Notebook
  • Machine Learning
    • Listing components
    • Enabling components
    • Disabling components
    • Logscan
  • Adding a new disk
    • Method 1: LVM (Logical Volume Management)
    • Method 2: Mount a separate drive to /nsm
    • Method 3: Make /nsm a symlink to the new logging location
  • PCAPs for Testing
    • tcpreplay
    • so-import-pcap
  • Removing a Node
    • Salt
    • Grafana
    • SOC
    • FleetDM
    • Cross Cluster Search
  • Syslog Output
  • UTC and Time Zones

© Copyright 2023 Revision e13319ea.
