MailingLists
Please note! This wiki is no longer maintained. Our documentation has moved to https://securityonion.net/docs/. Please update your bookmarks. You can find the latest version of this page at: https://securityonion.net/docs/MailingLists.
Before sending an email to our mailing list, check to see if your question has already been answered by one of the following:
Please keep in mind that our Google Groups are moderated, so your email will have to be approved before it is published to the list. If at first you don't see your email appear in the mailing list, there is no need to re-send your email. It has been queued and will be approved if appropriate.
Please be courteous and respectful. Disrespectful emails can result in being banned from the Google Group.
Please search the mailing list to see if you can find similar issues that may help you. However, please do not reply to old threads with your new issue. Instead, please start a new thread and provide a hyperlink to the related discussion at https://groups.google.com/forum/#!forum/security-onion.
Security Onion is based on Ubuntu. Quite often, folks ask the Security Onion mailing list for help with Ubuntu issues not strictly related to Security Onion. In order to keep the signal-to-noise ratio as high as possible, the Security Onion mailing list should only be used for questions directly relating to Security Onion itself. If you have questions about Ubuntu, you should check the Ubuntu website, forums, and Google.
In order to be as effective and efficient as possible, please consider the following when posing your question/problem to the group: http://www.chiark.greenend.org.uk/~sgtatham/bugs.html
Please run the following command:
sudo sostat-redacted
There will be a lot of output, so you may need to increase your terminal's scroll buffer OR redirect the output of the command to a file:
sudo sostat-redacted > sostat-redacted.txt 2>&1
sostat-redacted will automatically redact any IPv4/IPv6/MAC addresses, but there may be additional sensitive info that you still need to redact manually.
Attach the output to your email in plain text format (.txt) OR use a service like http://pastebin.com.
The security-onion mailing list is for announcements and general user support questions:
- Introduction
- Use Cases
- Hardware Requirements
- Release Notes
- Download/Install
- Booting Issues
- After Installation
- UTC and Time Zones
- Services
- VirtualBox Walkthrough
- VMWare Walkthrough
- Videos
- Architecture
- Cheat Sheet
- Conference
- Elastic Stack
- Elastic Architecture
- Elasticsearch
- Logstash
- Kibana
- ElastAlert
- Curator
- FreqServer
- DomainStats
- Docker
- Redis
- Data Fields
- Beats
- Pre-Releases
- ELSA to Elastic
- Network Configuration
- Proxy Configuration
- Firewall/Hardening
- Email Configuration
- Integrating with other systems
- Changing IP Addresses
- NTP
- Managing Alerts
- Managing Rules
- Adding Local Rules
- Disabling Processes
- Filtering with BPF
- Adjusting PF_RING for traffic
- MySQL Tuning
- Adding a new disk
- High Performance Tuning
- Trimming PCAPs