Security Onion
2.3

Table of Contents

  • About
  • Introduction
  • Getting Started
  • Security Onion Console (SOC)
  • Analyst VM
  • Network Visibility
  • Host Visibility
  • Logs
  • Updating
  • Accounts
  • Services
  • Customizing for Your Environment
  • Tuning
  • Tricks and Tips
    • Airgap
    • Cloud AMI
    • Docker
    • DNS Anomaly Detection
    • ICMP Anomaly Detection
    • Adding a new disk
    • PCAPs for Testing
    • Removing a Sensor
    • Syslog Output
    • UTC and Time Zones
  • Utilities
  • Help
  • Security
  • Appendix
  • Cheat Sheet
Security Onion
  • Docs »
  • Tricks and Tips
  • Edit on GitHub

Tricks and TipsΒΆ

This section is a collection of miscellaneous tricks and tips for Security Onion.

  • Airgap
    • Key Differences
    • Updating
    • Updating from RC3
  • Cloud AMI
    • Getting Started
  • Docker
    • Download
    • Security
    • Elastic
    • Registry
    • Networking
    • Bridge
    • Containers
    • VMware Tools
    • Dependencies
  • DNS Anomaly Detection
  • ICMP Anomaly Detection
    • Usage
    • Presentation
    • Download
  • Adding a new disk
    • Method 1: LVM (Logical Volume Management)
    • Method 2: Mount a separate drive to /nsm
    • Method 3: Make /nsm a symlink to the new logging location
  • PCAPs for Testing
    • Links
    • Downloading
    • tcpreplay
    • so-import-pcap
  • Removing a Sensor
    • Disable sensor interface
    • Delete sensor configuration
    • Wipe sensor configuration and data
    • Remove sensor reference from manager node
    • Remove search node reference from manager node Elasticsearch _cluster/settings
  • Syslog Output
  • UTC and Time Zones
Next Previous

© Copyright 2020 Revision b2ed7673.

Built with Sphinx using a theme provided by Read the Docs.
Read the Docs v: 2.3
Versions
latest
16.04
2.3
2.2
2.1
2.0
Downloads
pdf
html
epub
On Read the Docs
Project Home
Builds
Free document hosting provided by Read the Docs.