Linux distro for intrusion detection, enterprise security monitoring, and log management

Security Onion

Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, OSSEC, Sguil, Squert, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

For more information about Security Onion, please see our main website, blog, and wiki.

This Repo

This repo contains the ISO image, Wiki, and Roadmap for Security Onion.

Want to download and verify the Security Onion ISO image?

Please proceed to the Verify_ISO page.

Looking for documentation?

Please proceed to the Wiki.

Need Help?

Please proceed to the Help page.

Have Questions?

Please send questions to the Security Onion mailing list.

Want to see what lies ahead for Security Onion?

Please proceed to the Roadmap.

Looking for source code?

This repo stores no source code. You can get the source for any of our packages by doing the following at a terminal (replacing PACKAGE-NAME with the name of the package that you want the source for):

apt-get source PACKAGE-NAME

Some of our packages have their own Github repos at Security-Onion-Solutions.