
Security Onion Documentation — Security Onion ... https://securityonion.readthedocs.io/en/latest/

Security Onion Documentation


Table of Contents
About
Security Onion
Security Onion Solutions, LLC
Documentation
Introduction
Core Components
Analysis Tools
Deployment Scenarios
Conclusion
Getting Started
Use Cases
Architecture
Hardware Requirements
HWE
Download
VMWare
VirtualBox
Booting Issues
Installation
ISO Release Notes
Quick Evaluation using Security Onion ISO image
Quick Evaluation on Ubuntu
Production Deployment
After Installation
Secure Boot
Analyst Tools
Kibana
CapME
CyberChef
Squert
Sguil
NetworkMiner
Wireshark
Network Visibility
1 of 4 4/26/19, 10:24 AM
NIDS
Snort
Suricata
Bro
netsniff-ng
Host Visibility
Beats
Wazuh
Sysmon
Autoruns
Syslog
Elastic Stack
Elasticsearch
Logstash
Kibana
ElastAlert
Curator
FreqServer
DomainStats
Docker
Redis
Data Fields
Alert Data Fields
Bro Fields
Elastalert Fields
Re-Indexing
Updating
Updating
MySQL Upgrade Errors
End Of Life
Customizing for Your Environment
Network Configuration
Proxy Configuration
Firewall
Email Configuration
Changing IP Addresses
NTP
Tuning
BPF
Managing Rules
Adding Local Rules
Managing Alerts
PF-RING
AF-PACKET
High Performance Tuning
MySQL Tuning
Trimming PCAPs
Disabling Processes
Tricks and Tips
Airgapped Networks
Analyst VM
Best Practices
Cloud Client
Connecting to Sguild
Disabling Desktop
DNS Anomaly Detection
ICMP Anomaly Detection
MetaPackages
Adding a new disk
PCAPs for Testing
Removing a Sensor
Salt
Sensor Stops Seeing Traffic
SSH
UTC and Time Zones
Services
All services
Server services
Sensor services
Elastic services
Utilities
jq
Setup
so-allow
so-import-pcap
Help
FAQ
Directory Structure
Tools
Passwords
Support
Mailing Lists
Help Wanted
Integrations
AlienVault-OTX
Etherpad
FIR
GRR
TheHive
MISP
NtopNG
RITA
Strelka
Syslog Output
Security
Appendix
ELSA to Elastic
Upgrading from 14.04 to 16.04
Cheat Sheet
