|Our easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes|
|Analyze your NIDS/HIDS alerts with Squert|
|Pivot between multiple data types with Sguil and send pcaps to Wireshark and NetworkMiner|
|Use ELSA to slice and dice your logs|
|Access full packet capture with CapMe|
|Snort/Suricata and Bro compiled with PF_RING to handle lots of traffic|
- Alert data - HIDS alerts from OSSEC and NIDS alerts from Snort/Suricata
- Asset data from Prads and Bro
- Full content data from netsniff-ng
- Host data via OSSEC and syslog-ng
- Session data from Argus, Prads, and Bro
- Transaction data - http/ftp/dns/ssl/other logs from Bro
Ready to peel back the layers of your network? Get Security Onion!
Need help? We have a Help page on our Wiki and we also offer commercial support/training.
See the latest announcements on the blog.
To learn more about installing and using Security Onion, check out our video playlist below.