Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!Get started!
HIDS alerts from Wazuh and NIDS alerts from Snort/Suricata
Asset Data from Bro
Full packet capture from netsniff-ng
Host data via Beats, Wazuh, syslog, and more
Session data from Bro
http/ftp/dns/ssl/other logs from Bro