Security Onion


Peel back the layers of your enterprise

Find out more

About Security Onion


Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

Get started!

Data Types


Alert data

HIDS alerts from Wazuh and NIDS alerts from Snort/Suricata

Asset Data

Asset Data from Bro

Full content data

Full packet capture from netsniff-ng

Host data

Host data via Beats, Wazuh, syslog, and more

Session data

Session data from Bro

Transaction data

http/ftp/dns/ssl/other logs from Bro

Screenshots


Want to learn more about Security Onion?

Documentation Conference SOS
Copyright © Security Onion Solutions, LLC