Security Onion: Difference between revisions
From charlesreid1
Latest revision as of 19:17, 29 January 2018
Third-party integration - sending log info from Security Onion to a tool like Bro: https://github.com/Security-Onion-Solutions/security-onion/wiki/ThirdPartyIntegration#how-do-i-send-bro-and-ossec-logs-to-an-external-syslog-collector
Info about Bro on the Security Onion wiki: https://github.com/Security-Onion-Solutions/security-onion/wiki/Bro
Peeling the Security Onion: https://www.networkworld.com/article/2220605/cisco-subnet/cisco-subnet-peeling-the-security-onion.html
==ISO Image for Live USB==
Plug in the USB drive, list all drives, and identify the device associated with the USB drive:
<pre>
parted -l
</pre>
For this example we'll use /dev/sdb. Now download the ISO file and confirm the signature matches.
Then write the ISO to the USB device (this overwrites everything on the device):
<pre>
sudo dd if=securityonion-14.04.5.6.iso of=/dev/sdb bs=1M
</pre>
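The three steps above (identify the device, confirm the signature, write the image) as one script. This is an added example, not part of the original wiki page or the Security Onion project; the signature file, key file and fingerprint are placeholders you supply from the project's download page, and the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example. ISO, SIG, KEYFILE, FINGERPRINT and DEV are caller-supplied placeholders.

# verify_iso ISO SIG KEYFILE FINGERPRINT
# Succeeds only if SIG is a valid detached signature over ISO made by FINGERPRINT.
verify_iso() {
    local iso=$1 sig=$2 keyfile=$3 fpr=$4 home rc
    [ -f "$iso" ] && [ -f "$sig" ] && [ -f "$keyfile" ] || return 2
    command -v gpg >/dev/null || return 3
    home=$(mktemp -d) || return 4      # throwaway keyring holding only KEYFILE
    gpg --homedir "$home" --batch --quiet --import "$keyfile" 2>/dev/null
    # VALIDSIG carries the signing key fingerprint ($3) and primary key fingerprint ($NF).
    gpg --homedir "$home" --batch --status-fd 1 --verify "$sig" "$iso" 2>/dev/null |
        awk -v f="$fpr" '$2 == "VALIDSIG" && ($3 == f || $NF == f) { ok = 1 }
                         END { exit !ok }'
    rc=$?
    rm -rf "$home"
    return "$rc"
}

# check_target DEV
# DEV must be a whole removable block device with nothing mounted from it.
# Note: some USB disk enclosures report removable=0 and will be refused here.
check_target() {
    local dev=$1 name
    [ -b "$dev" ] || return 1                       # not a block device
    name=$(basename "$dev")
    [ "$(cat "/sys/block/$name/removable" 2>/dev/null)" = 1 ] || return 2  # partition or fixed disk
    ! grep -q "^$dev" /proc/mounts || return 3      # device or one of its partitions is mounted
}

# write_iso ISO DEV
# Write the image, flush it to the device, then read it back and compare.
write_iso() {
    local iso=$1 dev=$2 size
    size=$(stat -c %s "$iso") || return 1
    sudo dd if="$iso" of="$dev" bs=1M conv=fsync || return 1
    sudo cmp -n "$size" "$iso" "$dev"
}

# usage: script ISO SIG KEYFILE FINGERPRINT DEV
if [ "$#" -eq 5 ]; then
    verify_iso "$1" "$2" "$3" "$4" && check_target "$5" && write_iso "$1" "$5"
fi
```

Pass the fingerprint as 40 hex characters with no spaces, which is how gpg prints it on the VALIDSIG status line.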