Check Documentation First¶
Before sending an email to our mailing list, check to see if your question has already been answered by one of the following:
Please keep in mind that our Google Groups are moderated, so your email will have to be approved before it is published to the list. If at first you don’t see your email appear in the mailing list, there is no need to re-send your email. It has been queued and will be approved if appropriate.
Please be courteous and respectful. Disrespectful emails can result in being banned from the Google Group.
Start a new thread instead of replying to an old one¶
Please search the mailing list to see if you can find similar issues that may help you. However, please do not reply to old threads with your new issue. Instead, please start a new thread and provide a hyperlink to the related discussion at https://groups.google.com/forum/#!forum/security-onion.
Avoid generic Ubuntu questions¶
Security Onion is based on Ubuntu. Quite often, folks ask the Security Onion mailing list for help with Ubuntu issues not strictly related to Security Onion. In order to keep the signal-to-noise ratio as high as possible, the Security Onion mailing list should only be used for questions directly relating to Security Onion itself. If you have questions about Ubuntu, you should check the Ubuntu website, forums, and Google.
Provide sufficient technical info¶
Include sostat-redacted output¶
Please run the following command:
There will be a lot of output, so you may need to increase your terminal’s scroll buffer OR redirect the output of the command to a file:
sudo sostat-redacted > sostat-redacted.txt 2>&1
sostat-redacted will automatically redact any IPv4/IPv6/MAC addresses, but there may be additional sensitive info that you still need to redact manually.
Attach the output to your email in plain text format (.txt) OR use a service like http://pastebin.com.