Tricks and Tips
This section is a collection of miscellaneous tricks and tips for Security Onion.
Backup
Elasticsearch
Docker
Download
Security
Elastic
Images
Logs
Registry
Networking and Bridging
Containers
VMware Tools
More Information
Jupyter Notebook
Overview
Security Onion Setup
Jupyter Notebook
Adding a new disk
Method 1: LVM (Logical Volume Management)
Method 2: Mount a separate drive to /nsm
Method 3: Make /nsm a symlink to the new logging location
Network Installation
Partitioning
Installing via the network
PCAPs for Testing
Replay
Import
High Performance Tuning
CPU Affinity/Pinning
Misc
RSS
Disk/Memory
Elastic
Removing a Node
Removing a Search Node
Removing from Salt
Removing from SOC
Removing from Fleet
Salt
Firewall Requirements
Checking Status
Remote Execution
Node checkin
Configuration
Salt Minion Startup Options
Diagnostic Logs
Known Issues
More Information
Syslog Output
UTC and Time Zones
Endgame
Configuration
Pivot to Endgame Console