Security Onion is a free and open-source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, OSSEC, Sguil, Squert, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!
Below are several diagrams representing the current architecture and deployment scenarios for Security Onion on the Elastic Stack.
Changelog v2.3.110

- FEATURE: Full ECS data type compliance #6747
- FEATURE: Intrusion Detection Honeypot Node #7138
- FEATURE: Multi-Factor Authentication (MFA) for Security Onion #7316
- FEATURE: Populate Zeek's networks.cfg with $HOME_NET #6854
- FEATURE: SOC authentication logs will now be ingested into Elasticsearch #7354
- FEATURE: Sort indices list alphabetically by index name #6969
- FIX: ACNG should clear the cache on restart #7114
- FIX: Abort so-user sync if Kratos database is locked #7459
- FIX: Add Endgame index settings to the global.sls on new installs #7293
- FIX: Allow downgrades during docker_install #7228
- FIX: Avoid telegraf AppArmor issues #2560
- FIX: Composable templates #4644
- FIX: Increase minimum password length from 6 to 8 characters #7352
- FIX: Navigator should ship with all needed files #1162
- FIX: Prevent Elasticsearch deprecation notices from causing installation failures #7353
- FIX: Random passwords generated at setup contain character combinations that cause problems with some containers #7233
- FIX: curator should exclude so-case* indices #7270
- FIX: so-ip-update needs to update Kibana dashboards #7237
- FIX: so-status TTY improvements #7355
- UPGRADE: Elastic 7.17.1 #7137
- UPGRADE: FleetDM to 4.10.0 #7245
- UPGRADE: Grafana 8.4.1 #7281
- UPGRADE: Kratos 0.8.2-alpha.1 #7351