Security Onion 2.3

Tricks and Tips

This section is a collection of miscellaneous tricks and tips for Security Onion.

  • Airgap
    • Key Differences
    • Updating
    • Updating from RC3
  • Backups
    • What is being backed up?
    • Kibana Customizations
    • Elastic Data
  • Docker
    • Download
    • Security
    • Elastic
    • Registry
    • Networking and Bridging
    • Containers
    • VMware Tools
    • Dependencies
  • DNS Anomaly Detection
  • ICMP Anomaly Detection
    • Usage
    • Presentation
    • Download
  • Adding a new disk
    • Method 1: LVM (Logical Volume Management)
    • Method 2: Mount a separate drive to /nsm
    • Method 3: Make /nsm a symlink to the new logging location
  • PCAPs for Testing
    • tcpreplay
    • so-import-pcap
  • Removing a Node
    • Remove search node
  • Syslog Output
  • UTC and Time Zones

© Copyright 2021 Revision bfb1e9fb.
