Security Onion

Peel back the layers of your enterprise

Find out more

About Security Onion

Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

Get started!

Data Types

Alert data

HIDS alerts from Wazuh and NIDS alerts from Snort/Suricata

Asset Data

Asset Data from Bro

Full content data

Full packet capture from netsniff-ng

Host data

Host data via Beats, Wazuh, syslog, and more

Session data

Session data from Bro

Transaction data

http/ftp/dns/ssl/other logs from Bro


Looking for training, professional services, or hardware appliances?

Security Onion Solutions
Copyright © Security Onion Solutions, LLC