First Time Users¶
If this is your first time using Security Onion 2, then we highly recommend that you start with a simple IMPORT installation using our Security Onion ISO image (see the Download section). This can be done in a minimal virtual machine (see the VMware and VirtualBox sections) with as little as 4GB RAM, 2 CPU cores, and 200GB of storage.
The following screenshots will walk you through:
- installing our Security Onion ISO image
- configuring for IMPORT
- running so-import-pcap and importing one or more pcap files
- logging into Security Onion Console (SOC) to review alerts and logs
After following the screenshots, you can skip to the Security Onion Console (SOC) section.
Once you’re comfortable with your IMPORT installation, then you can move on to more advanced installations as shown in the Architecture section.