Time
3 hours 10 minutes
Difficulty
Beginner
CEU/CPE
3

Video Transcription

00:00
Hey, folks, welcome to Lesson six of Intro to Security Onion. I'm your instructor, Karl Hansen. In this lesson, we will review some of the resources that are available to help you with Security Onion.
00:12
So for the agenda,
00:14
first we'll take a look at the documentation page, followed by a look at the Security Onion forum. And then we'll finish up by looking over the Security Onion cheat sheet.
00:25
Oh, all right, let's get started. So in this slide here, we have our three resources that we're going to take a look at.
00:33
We have our documentation site, our Google Group
00:35
and our cheat sheet.
00:37
So the documentation site, it's securityonion dot readthedocs dot io. Then our Google Group, that's just groups dot google dot com slash forum, forum, security onion.
00:48
Then we have our cheat sheet. The reference here is to the cheat sheet that is on the
00:54
ah, Security Onion documentation site. You can also get to the cheat sheet from your home page of your Security Onion installation.
01:03
So I already have it pulled up here in my
01:07
browser.
01:10
So pretty much anything you could want to know about Security Onion can be found here.
01:15
So just on our home page, we have a table of contents. We have about, introduction, getting started, analyst tools, network visibility, host visibility,
01:25
elastic stack, updating accounts, etcetera, etcetera, etcetera.
01:29
So if you want to
01:32
do an installation on your own and you want to read documentation on it, just for example,
01:38
you can come in here to getting started. Go to installation.
01:42
Excuse me,
01:45
Have information about doing a quick evaluation, which is what our standalone server is, or if we want to do a production deployment.
01:53
We can come in here and read through everything that you need to know about that. So hardware requirements where to download and verify your
02:02
Security Onion ISO image,
02:06
how to architect your distributed deployment
02:09
then installing everything.
02:13
All the documentation in here is pretty detailed, and I really do appreciate this. There are some open source
02:22
tools that I have worked on, where the documentation hasn't been as good, and
02:27
there's been a lot of reading on Stack Overflow, Stack Exchange, websites like that, just trying to get things to work.
02:34
I really appreciate the documentation page for that reason.
02:40
We obviously can't go over everything that's in here. This is just a high level overview.
02:46
As with most everything else, I
02:49
recommend that you come in here and read it all over, especially if you're doing a production deployment, and become well versed in the tool.
03:00
All right, the next thing to look at is our Security Onion Google Group. This is the forum and the mailing list.
03:07
Um,
03:08
and here is where people come and ask questions for if
03:14
they found that something is broken in their environment and they don't know how to fix it or if they
03:22
ah, if they're running into any kind of issues installing it,
03:27
that this is where they come and ask questions. And a lot of the security onion team come in here and
03:35
they'll help people work through their issues. It's
03:37
it's pretty helpful. I,
03:39
I've noticed that any time that I've broken something, somebody has broken it on their instance before I have, and they've come in here and asked questions on how to fix it
03:50
and so I can come and take a look and see what the resolution was.
03:53
So if you ever have a specific issue that you're trying to work through,
03:58
Let's say that our squeal database is broken.
04:13
All right, let's see what we get here.
04:18
So here's some people who are rebuilding their database on server
04:24
a person that thinks they broke their database on an upgrade
04:30
and
04:33
this forum has been around for quite some time. So
04:38
there are issues going back
04:41
in this case to 2012. So that was seven years ago. If basic math serves me
04:55
in this case, it looks like they tried to install three times
04:59
and
05:00
it's just not working for them.
05:05
And one of the first questions that
05:10
Security Onion people
05:11
will ask you is for sostat-redacted. Looks like they attached that here. So
05:18
the nice people over at Security Onion can take a look. Wes is one of the people over at Security Onion, and he
05:26
frequently comes on here and helps people out.
05:30
So
05:30
I definitely recommend coming in here and
05:34
looking through the forums, looking through the mailing list and see if somebody else has the same issue that you do. And if they do, then
05:43
see what the resolution was and see if it works for you.

Security Onion

Security Onion is an open source Network Security Monitoring and log management Linux Distribution. In this course we will learn about the history, components, and architecture of the distro, and we will go over how to install and deploy single and multiple server architectures, as well as how to replay or sniff traffic.

Instructed By

Karl Hansen
Senior SOC Analyst
Instructor