CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
728 Commits 24 Branches 119 Tags
be57387d04986adeb52fc6fc661aff08a8fe656a
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Mike Reeves be57387d04 Update Readme
2018-11-02 15:32:53 -04:00
files
Utility Module - Make it so it doesn't error out for cross cluster
2018-10-15 18:37:22 -04:00
pillar
Try and Fix certs
2018-10-31 19:55:21 -04:00
salt
Firewall Module - Fix logic for master
2018-11-02 14:33:26 -04:00
.gitignore
Update Git Ignore
2018-05-16 17:21:34 -04:00
exclude-list.txt
Master Update Script - Initial commit
2018-09-28 18:40:23 -04:00
README.md
Update Readme
2018-11-02 15:32:53 -04:00
so-setup-network.sh
Setup Script - Enable salt on rebootd
2018-11-02 12:55:40 -04:00
updatemaster.sh
Update Script - Run highstate to fix perms
2018-10-05 18:28:30 -04:00
VERSION
Setup Script - Centos Support changes
2018-10-22 13:34:07 -04:00

README.md

Security Onion Hybrid Hunter Tech Preview 1.0.1

Warnings and Disclaimers

This technology PREVIEW is PRE-ALPHA, BLEEDING EDGE, and TOTALLY UNSUPPORTED!
If this breaks your system, you get to keep both pieces!
This script is a work in progress and is in constant flux.
This script is intended to build a quick prototype proof of concept so you can see what our new platform might look like. This configuration will change drastically over time leading up to the final release.
Do NOT run this on a system that you care about!
Do NOT run this on a system that has data that you care about!
This script should only be run on a TEST box with TEST data!
This script is only designed for standalone boxes and does NOT support distributed deployments.
Use of this script may result in nausea, vomiting, or a burning sensation.

Installation:

If you are using CentOS 7 there are a couple pre-requisites:

sudo yum -y install bind-utils
sudo hostnamectl set-hostname YOURHOSTNAME
sudo reboot

Once you resolve those requirements or are using Ubuntu 16.04 do the following:

git clone https://github.com/Security-Onion-Solutions/securityonion-saltstack
cd securityonion-saltstack
sudo bash so-setup-network.sh

Allow Access to Kibana:

For a single host:

sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh analyst 192.168.30.1

For a network range:

sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh analyst 192.168.30.0/24

Then connect to your master via https://YOURMASTER

See the FAQ on the Hybrid Hunter wiki.

Warnings and Disclaimers

This technology PREVIEW is PRE-ALPHA, BLEEDING EDGE, and TOTALLY UNSUPPORTED! If this breaks your system, you get to keep both pieces! This script is a work in progress and is in constant flux. This script is intended to build a quick prototype proof of concept so you can see what our ultimate ELK configuration might look like. This configuration will change drastically over time leading up to the final release. Do NOT run this on a system that you care about! Do NOT run this on a system that has data that you care about! This script should only be run on a TEST box with TEST data! This script is only designed for standalone boxes and does NOT support distributed deployments. Use of this script may result in nausea, vomiting, or a burning sensation.

Reference in New Issue View Git Blame Copy Permalink
Description
Security Onion 2 - Linux distro for threat hunting, enterprise security monitoring, and log management
Readme 125 MiB
Languages
Shell 51%
Jinja 22.2%
SaltStack 12%
Python 8.7%
CSS 2%
Other 4%