
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case mana...

Results 151 securityonion issues

### Discussed in https://github.com/Security-Onion-Solutions/securityonion/discussions/8189

Originally posted by **sleepingbel** June 26, 2022

Hello all, after installing the new sysmon modular [sysmonconfig.xml](https://github.com/olafhartong/sysmon-modular/blob/master/sysmonconfig.xml), I have seen that multiple sysmon events do not have...

Allow for the ability to specify retention days for Zeek logs on Sensor nodes in /nsm/zeek/logs. There can be a condition where Zeek logs grow and other logs like Stenographer...

2.4

I would really love SO to have an official and documented way for unattended/automatic installation. The world is moving to infra as code, with components as Ansible solving the challenge...

2.4

```
product: windows
category: raw_access_thread

product: windows
category: create_stream_hash

product: windows
category: create_remote_thread
```

CF: https://github.com/Security-Onion-Solutions/securityonion/discussions/8105

2.4
2.3
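The three Sigma `logsource` categories listed in the issue above (`raw_access_thread`, `create_stream_hash`, `create_remote_thread`) are each backed by a specific Sysmon Event ID, and a rule is silently useless on a sensor whose Sysmon configuration or logsource mapping does not cover that ID. The following is an added example, not Security Onion's own code: it parses a run-together listing like the one pasted in the issue, resolves each category to its Sysmon Event ID(s) using the mapping the Sigma project ships for Sysmon, and flags categories with no mapping. The function names, the `ISSUE_TEXT` sample and the ECS-style field names (`event.module`, `event.code`) in the generated query are this example's assumptions and have not been checked against Security Onion's schema.

```python
"""Resolve Sigma 'product: windows' logsource categories to Sysmon Event IDs.

Added example; not Security Onion code. The category -> Event ID table
follows the Sigma project's standard Sysmon logsource mapping. Function
names, the sample text and the ECS-style field names in to_query() are
this example's own assumptions.
"""
from __future__ import annotations

import re

# Sigma logsource category -> Sysmon Event ID(s), per Sigma's Sysmon mapping.
SYSMON_CATEGORY_EVENT_IDS: dict[str, tuple[int, ...]] = {
    "process_creation": (1,),
    "file_change": (2,),
    "network_connection": (3,),
    "sysmon_status": (4, 16),
    "process_termination": (5,),
    "driver_load": (6,),
    "image_load": (7,),
    "create_remote_thread": (8,),
    "raw_access_thread": (9,),
    "process_access": (10,),
    "file_event": (11,),
    "registry_add": (12,),
    "registry_set": (13,),
    "registry_rename": (14,),
    "registry_event": (12, 13, 14),
    "create_stream_hash": (15,),
    "pipe_created": (17, 18),
    "wmi_event": (19, 20, 21),
    "dns_query": (22,),
    "file_delete": (23, 26),
    "clipboard_change": (24,),
    "process_tampering": (25,),
    "sysmon_error": (255,),
}

# Constructed sample: the listing from the issue, run together on one line
# exactly as the page shows it.
ISSUE_TEXT = (
    "product: windows category: raw_access_thread "
    "product: windows category: create_stream_hash "
    "product: windows category: create_remote_thread"
)

# Tolerates both one-per-line YAML and the run-together form above.
LOGSOURCE_RE = re.compile(r"product:\s*(\w+)\s+category:\s*(\w+)")


def parse_logsources(text: str) -> list[dict[str, str]]:
    """Extract (product, category) pairs in order of appearance."""
    return [{"product": p, "category": c} for p, c in LOGSOURCE_RE.findall(text)]


def sysmon_event_ids(category: str) -> tuple[int, ...]:
    """Return the Sysmon Event ID(s) behind a Sigma category, or raise."""
    try:
        return SYSMON_CATEGORY_EVENT_IDS[category]
    except KeyError:
        raise ValueError(f"no Sysmon mapping for Sigma category {category!r}") from None


def unmapped_categories(logsources: list[dict[str, str]]) -> list[str]:
    """Categories a rule asks for that this mapping cannot satisfy.

    This is the check behind the issue: a rule whose category has no
    mapping will never match, without any error being raised at load time.
    """
    return sorted(
        {ls["category"] for ls in logsources
         if ls["product"] == "windows"
         and ls["category"] not in SYSMON_CATEGORY_EVENT_IDS}
    )


def to_query(logsources: list[dict[str, str]]) -> str:
    """Build a Lucene-style filter over the Event IDs the logsources imply.

    Field names are assumed ECS-style and are not taken from Security Onion.
    """
    ids = sorted(
        {eid for ls in logsources if ls["product"] == "windows"
         for eid in sysmon_event_ids(ls["category"])}
    )
    if not ids:
        raise ValueError("no Windows logsources to query")
    return "event.module:sysmon AND event.code:(" + " OR ".join(map(str, ids)) + ")"


if __name__ == "__main__":
    sources = parse_logsources(ISSUE_TEXT)
    for ls in sources:
        print(ls["category"], "->", sysmon_event_ids(ls["category"]))
    print(to_query(sources))
```

Before trusting that a Sigma rule with one of these categories will fire, confirm that the sensor's Sysmon configuration actually logs the corresponding Event ID (9, 15 or 8 here) and that the platform's logsource mapping covers the category; `unmapped_categories()` reports the second gap, the first has to be checked against the deployed sysmonconfig.xml.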

Hi, the backup documentation (and possibly the backup script) doesn't take into consideration the new Cases tool in ELK. This data doesn't belong to "big data" anymore, and backup /...

Consider supporting, or provide a guide on how to install/use Wazuh App

As an analyst, I need to be able to pivot on ICMP alerts or metadata and retrieve packets. Current support is TCP and UDP.

SOC

If you boot from the ISO but do not select the analyst workstation install, then when setup runs if you choose Analyst there it will see that you booted from...

Setup