First Time Users¶
If this is your first time using Security Onion 2, then we highly recommend that you start with our Security Onion ISO image as shown in the Download section. Then install the ISO image as shown in the Installation section and configure for IMPORT as shown in the Configuration section. This can be done in a minimal virtual machine with as little as 4GB RAM, 2 CPU cores, and 200GB of storage. For more information about virtualization, please see the VMware, VirtualBox, and Proxmox sections.
The following screenshots will walk you through:
- installing our Security Onion ISO image
- configuring for IMPORT
- logging into Security Onion Console (SOC)
- navigating to Grid and importing a pcap or evtx file
- reviewing data via Alerts, Dashboards, Hunt, and PCAP
Once you’re comfortable with your IMPORT installation, then you can move on to more advanced installations as shown in the Architecture section.