Security Onion


Peel back the layers of your enterprise


About Security Onion


Security Onion is a free and open source Linux distribution for threat hunting, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Zeek (formerly known as Bro), Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!


Data Types

Alert data: HIDS alerts from Wazuh and NIDS alerts from Snort/Suricata
Asset data: asset data from Zeek (formerly known as Bro)
Full content data: full packet capture from netsniff-ng
Host data: host data via Beats, Wazuh, syslog, and more
Session data: session data from Zeek (formerly known as Bro)
Transaction data: http/ftp/dns/ssl/other logs from Zeek (formerly known as Bro)

Looking for training, professional services, or hardware appliances?

Security Onion Solutions
Copyright © Security Onion Solutions, LLC