- Our easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes
- Analyze your NIDS alerts with Snorby
- Use Squert to analyze your NIDS/HIDS alerts and other data
- Pivot between multiple data types with Sguil and send pcaps to Wireshark and NetworkMiner
- Use ELSA to slice and dice your logs
- Access full packet capture with CapMe
- Snort/Suricata and Bro compiled with PF_RING to handle lots of traffic

- Alert data - HIDS alerts from OSSEC and NIDS alerts from Snort/Suricata
- Asset data from Prads and Bro
- Full content data from netsniff-ng
- Host data via OSSEC and syslog-ng
- Session data from Argus, Prads, and Bro
- Transaction data - http/ftp/dns/ssl/other logs from Bro
Ready to peel back the layers of your network? Get Security Onion!
To learn more about installing and using Security Onion, check out our video playlist below.