Security Onion 2.3
Tricks and Tips
This section is a collection of miscellaneous tricks and tips for Security Onion.
Backups
  Elasticsearch
Docker
  Download
  Security
  Elastic
  Images
  Logs
  Registry
  Networking and Bridging
  Containers
  VMware Tools
  Dependencies
  More Information
DNS Anomaly Detection
Endgame
  Configuration
  Example Endgame Data
  Pivot to Endgame Console
ICMP Anomaly Detection
  Usage
  Presentation
  Download
Jupyter Notebook
  Overview
  Security Onion Setup
  Jupyter Notebook
Machine Learning
  Listing components
  Enabling components
  Disabling components
  Logscan
Adding a new disk
  Method 1: LVM (Logical Volume Management)
  Method 2: Mount a separate drive to /nsm
  Method 3: Make /nsm a symlink to the new logging location
PCAPs for Testing
  tcpreplay
  so-import-pcap
Removing a Node
  Salt
  Grafana
  SOC
  FleetDM
  Cross Cluster Search
Syslog Output
UTC and Time Zones