Security Onion: Difference between revisions
From charlesreid1
(Created page with "Third party integration - sending log info from security onion to a tool like bro: https://github.com/Security-Onion-Solutions/security-onion/wiki/ThirdPartyIntegration#how-do...") |
No edit summary |
||
| Line 2: | Line 2: | ||
Info about bro on security onion wiki: https://github.com/Security-Onion-Solutions/security-onion/wiki/Bro | Info about bro on security onion wiki: https://github.com/Security-Onion-Solutions/security-onion/wiki/Bro | ||
==Iso Image for Live USB== | |||
Plug in the usb drive, list all drives, identify the device associated with the usb drive: | |||
<pre> | |||
parted -l | |||
</pre> | |||
for this example we'll use /dev/sdb. Now download the iso file, confirm the signature matches. | |||
then format the usb device with the iso: | |||
<pre> | |||
sudo dd if=securityonion-14.04.5.6.iso of=/dev/sdb bs=1M | |||
</pre> | |||
Revision as of 03:37, 28 January 2018
Third party integration - sending log info from security onion to a tool like bro: https://github.com/Security-Onion-Solutions/security-onion/wiki/ThirdPartyIntegration#how-do-i-send-bro-and-ossec-logs-to-an-external-syslog-collector
Info about bro on security onion wiki: https://github.com/Security-Onion-Solutions/security-onion/wiki/Bro
Iso Image for Live USB
Plug in the usb drive, list all drives, identify the device associated with the usb drive:
parted -l
for this example we'll use /dev/sdb. Now download the iso file, confirm the signature matches.
then format the usb device with the iso:
sudo dd if=securityonion-14.04.5.6.iso of=/dev/sdb bs=1M