Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!
For more information about Security Onion not contained in this Documentation, please see our community site at https://securityonion.net.
Security Onion Solutions, LLC¶
Doug Burks started Security Onion as a free and open source project in 2008 and then founded Security Onion Solutions, LLC in 2014.
Security Onion Solutions, LLC is the only official provider of training, professional services, and hardware appliances for Security Onion.
For more information about these products and services, please see our corporate site at https://securityonionsolutions.com.
This documentation is published online at https://securityonion.net/docs. If you are viewing an offline version of this documentation but have Internet access, you might want to switch to the online version at https://securityonion.net/docs to see the latest version.
We welcome your contributions to our documentation! We will review any suggestions and apply them if appropriate.
If you are accessing the online version of the documentation and notice that a particular page has incorrect information, you can submit corrections by clicking the
Edit on GitHub button in the upper right corner of each page.
Our goal is to allow you to easily guess and type the URL of the documentation you want to go to.
To achieve this goal, new documentation pages should use the following naming convention:
- all lowercase
- ideally, the name of the page should be one simple word (for example:
- try to avoid symbols if possible
- if symbols are required, use hyphens (NOT underscores)