Getting Started
New to Security Onion? Click the menu in the upper-right corner and you'll find links for Help and a Cheat Sheet that will help you best utilize Security Onion to hunt for evil! In addition, check out our free Security Onion Essentials online course, available on our Training website.
If you're ready to dive in, take a look at the Alerts interface to see what Security Onion has detected so far. If you find any false positives, then you can tune those in Detections.
Next, go to the Dashboards interface for a general overview of all logs collected. Here are a few overview dashboards to get you started:
Overview Dashboard | Elastic Agent Overview | Network Connection Overview | DNS | Files | HTTP | SSL
Click the drop-down menu in Dashboards to find many more dashboards. You might also want to explore the Hunt interface for more focused threat hunting.
Once you've found something of interest, escalate it to Cases, where you can collect evidence and analyze observables as you work towards closing the case.
If you want to check the health of your deployment, check out the Grid interface.
For more coverage of your enterprise, you can deploy the Elastic Agent to endpoints by going to the Downloads page.
What's New
To see all the latest features and fixes in this version of Security Onion, click the upper-right menu and then click the What's New link.
Security Onion Pro
Need enterprise features and premium support? Check out Security Onion Pro!
Enterprise Appliances
Want the best hardware for your enterprise deployment? Check out our enterprise appliances!
Premium Support
Experiencing difficulties and need priority support or remote assistance? We offer a premium support plan to assist corporate, educational, and government organizations.
Customize This Space
Make this area your own by customizing the content in the Config interface.