Appendix A. SO Scripts and Configuration

by Doug Burks, creator of Security Onion

This appendix provides a quick reference to the Security Onion (SO) control scripts and configuration files. This material will help SO users better administer and optimize their sensor deployments.

SO Control Scripts

The NSM control scripts are one of the core components of SO. These scripts were originally a part of the NSMnow package developed by the SecurixLive team (http://www.securixlive.com/nsmnow/docs/index.php), but they have been heavily modified for use in SO.

The NSM scripts were first developed to control a Sguil server (sguild), its agents (snort_agent, ...
