{"id":14084,"date":"2022-09-26T13:40:20","date_gmt":"2022-09-26T10:40:20","guid":{"rendered":"https:\/\/kifarunix.com\/?p=14084"},"modified":"2024-03-09T21:26:10","modified_gmt":"2024-03-09T18:26:10","slug":"install-and-setup-security-onion-on-virtualbox","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/install-and-setup-security-onion-on-virtualbox\/","title":{"rendered":"Install and Setup Security Onion on VirtualBox"},"content":{"rendered":"\n<p>In this tutorial, you will learn how to install and setup Security Onion on VirtualBox. According to Security Onion page, &#8220;<em>Security Onion is a free and open Linux distribution for threat hunting, enterprise security monitoring, and log management. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!<\/em> It <em>includes a native web interface with built-in tools analysts use to respond to alerts, hunt for evil, catalog evidence into cases, monitor grid performance, and much more. 
Additionally, third-party tools, such as Elasticsearch, Logstash, Kibana, Suricata, Zeek (formerly known as Bro), Wazuh, Stenographer, CyberChef, NetworkMiner, and many more are included<\/em>.&#8221;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Install and Setup Security Onion on VirtualBox<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Download Security Onion Installation ISO File<\/h3>\n\n\n\n<p>Navigate to the <a href=\"https:\/\/github.com\/Security-Onion-Solutions\/securityonion\/blob\/master\/VERIFY_ISO.md\" target=\"_blank\" rel=\"noreferrer noopener\">downloads page<\/a> and grab the current release (2.3.160-20220829 as of this writing) of the Security Onion installation ISO file.<\/p>\n\n\n\n<p>The ISO file is around 7.3GB in size.<\/p>\n\n\n\n<p>You can simply get the download URL and pull using wget;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>wget -c https:\/\/download.securityonion.net\/file\/securityonion\/securityonion-2.3.160-20220829.iso<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Verify the Integrity of the ISO file<\/h3>\n\n\n\n<p>Once the download is complete, you need to verify the integrity of the ISO file by checking the hash values and comparing with those provided on the downloads page.<\/p>\n\n\n\n<p>It is also possible to verify the integrity of the ISO file using GPG signatures. 
However, in this setup, we will just calculate MD5 hash value of the iso file;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>md5sum securityonion-2.3.160-20220829.iso<\/code><\/pre>\n\n\n\n<p>Sample output;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>ced26ed960f4f778db59fb9a4aec88a7  securityonion-2.3.160-20220829.iso<\/code><\/pre>\n\n\n\n<p>Compare the hash value with what is provided on the official download page;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>MD5: CED26ED960F4F778DB59FB9A4AEC88A7<\/code><\/pre>\n\n\n\n<p>Ensure the hash values match!<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Create Security Onion VirtualBox VM<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Launch VirtualBox Manager and create a new virtual machine by pressing <strong>Ctrl+n<\/strong>.<\/li>\n<\/ul>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/create-security-onion-vm.png\" class=\"td-modal-image\"><figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"880\" height=\"518\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/create-security-onion-vm.png\" alt=\"Install and Setup Security Onion on VirtualBox\" class=\"wp-image-14101\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/create-security-onion-vm.png?v=1663861563 880w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/create-security-onion-vm-768x452.png?v=1663861563 768w\" sizes=\"(max-width: 880px) 100vw, 880px\" \/><\/figure><\/a><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Go Next and select the amount of memory (RAM) in megabytes to be allocated to the virtual machine. 
See <a href=\"https:\/\/docs.securityonion.net\/en\/2.3\/hardware.html\" target=\"_blank\" rel=\"noreferrer noopener\">hardware requirements page<\/a> for the recommendations.<\/li>\n\n\n\n<li>Create a virtual hard disk for the machine\n<ul class=\"wp-block-list\">\n<li>choose the file type as VDI<\/li>\n\n\n\n<li>Set the storage to be dynamically allocated<\/li>\n\n\n\n<li>Set the File location and size. <strong>You will need at least 99GB<\/strong>.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Click <strong>Create<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Attach Security Onion Installation ISO file to the VM<\/h3>\n\n\n\n<p>Open the settings of the newly created security onion vm and navigate to <strong>storage<\/strong>.<\/p>\n\n\n\n<p>Under storage devices &gt; Controller IDE, click on the optical drive icon to add the installation ISO file to the vm.<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-add-installation-iso.png\" class=\"td-modal-image\"><figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"945\" height=\"517\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-add-installation-iso.png\" alt=\"Install and Setup Security Onion on VirtualBox\" class=\"wp-image-14102\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-add-installation-iso.png?v=1663861689 945w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-add-installation-iso-768x420.png?v=1663861689 768w\" sizes=\"(max-width: 945px) 100vw, 945px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>Search for the ISO file and attach it. 
It should now look like;<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-add-installation-iso-.png\" class=\"td-modal-image\"><figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"947\" height=\"541\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-add-installation-iso-.png\" alt=\"Install and Setup Security Onion on VirtualBox\" class=\"wp-image-14103\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-add-installation-iso-.png?v=1663861713 947w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-add-installation-iso--768x439.png?v=1663861713 768w\" sizes=\"(max-width: 947px) 100vw, 947px\" \/><\/figure><\/a><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">Update System Resources, RAM and vCPUs<\/h3>\n\n\n\n<p>Under <strong>System<\/strong> settings;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Under motherboard, update the amount of RAM to be assigned to your VM. Minimum recommended is 4GB.<\/li>\n\n\n\n<li>Under processor, update the number of vCPUs. Minimum recommended is 2 vCPUs<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Add Network Interface Cards to Security Onion VM<\/h3>\n\n\n\n<p>Security Onion requires at least one NIC. However, &#8220;<em>If you plan to sniff network traffic from a tap or span port, then you will need one or more interfaces dedicated to sniffing (no IP address).<\/em>&#8220;<\/p>\n\n\n\n<p>Thus, under Network settings, VirtualBox allows you to attach up to 4 NICs to a VM.<\/p>\n\n\n\n<p>In our setup, we have attached three Network interfaces;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Bridged host interface to allow internet access<\/li>\n\n\n\n<li>host-only interface to allow access to the vm from the host<\/li>\n\n\n\n<li>We also attached Host-only interface as well. 
This will be used for sniffing traffic.<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"898\" height=\"543\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-virtualbox-network-settings.png\" alt=\"\" class=\"wp-image-14104\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-virtualbox-network-settings.png?v=1663861769 898w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-virtualbox-network-settings-768x464.png?v=1663861769 768w\" sizes=\"(max-width: 898px) 100vw, 898px\" \/><\/figure><\/div>\n\n\n<p>Click <strong>Ok<\/strong> when done to exit the settings wizard.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Install Security Onion on VirtualBox<\/h3>\n\n\n\n<p>It is now time to start the VM and install Security Onion on VirtualBox. Hence, hit the <strong>Start<\/strong> button.<\/p>\n\n\n\n<p>Security Onion components can be deployed separately or can be deployed as all in one. 
In this setup, we are deploying an all in one Security Onion setup.<\/p>\n\n\n\n<p>Thus, when the installer launches, select the first installation option;<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/install-security-onion-virtualbox.png\" class=\"td-modal-image\"><figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"782\" height=\"544\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/install-security-onion-virtualbox.png\" alt=\"\" class=\"wp-image-14106\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/install-security-onion-virtualbox.png?v=1663862852 782w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/install-security-onion-virtualbox-768x534.png?v=1663862852 768w\" sizes=\"(max-width: 782px) 100vw, 782px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>You will get several prompts during the installation. Provide the appropriate options.<\/p>\n\n\n\n<p>To begin with;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Confirm that all the data, if any is written to the attached storage medium, will be destroyed by typing <strong>yes<\/strong> and press ENTER.<\/li>\n\n\n\n<li>Set the administrative username that will be used to setup and administer Security Onion.<\/li>\n\n\n\n<li>Set the password for the admin user created above.<\/li>\n<\/ul>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-admin-user-n-password.png\" class=\"td-modal-image\"><figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"930\" height=\"669\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-admin-user-n-password.png\" alt=\"\" class=\"wp-image-14107\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-admin-user-n-password.png?v=1663862906 930w, 
https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-admin-user-n-password-768x552.png?v=1663862906 768w\" sizes=\"(max-width: 930px) 100vw, 930px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>The install and setup of Security Onion on VirtualBox will now proceed.<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/install-n-setup-security-onion-virtualbox.png\" class=\"td-modal-image\"><figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"879\" height=\"672\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/install-n-setup-security-onion-virtualbox.png\" alt=\"\" class=\"wp-image-14108\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/install-n-setup-security-onion-virtualbox.png?v=1663862942 879w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/install-n-setup-security-onion-virtualbox-768x587.png?v=1663862942 768w\" sizes=\"(max-width: 879px) 100vw, 879px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>When the installation completes, press ENTER to reboot the vm.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Setup Security Onion on VirtualBox<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You can now login to Security Onion via the console to continue with the setup.<\/li>\n<\/ul>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-console-login.png\" class=\"td-modal-image\"><figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"862\" height=\"653\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-console-login.png\" alt=\"\" class=\"wp-image-14109\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-console-login.png?v=1663862971 862w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-console-login-768x582.png?v=1663862971 768w\" sizes=\"(max-width: 862px) 
100vw, 862px\" \/><\/figure><\/a><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Welcome to the setup!<\/li>\n<\/ul>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/welcome-to-security-onion-setup.png\" class=\"td-modal-image\"><figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"880\" height=\"677\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/welcome-to-security-onion-setup.png\" alt=\"\" class=\"wp-image-14110\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/welcome-to-security-onion-setup.png?v=1663863475 880w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/welcome-to-security-onion-setup-768x591.png?v=1663863475 768w\" sizes=\"(max-width: 880px) 100vw, 880px\" \/><\/figure><\/a><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Would you like to continue? <strong>Yes<\/strong><\/li>\n\n\n\n<li>Run the standard Security Onion installation;<\/li>\n\n\n\n<li>Choose <strong>STANDALONE<\/strong> installation type;<\/li>\n<\/ul>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-install-type.png\" class=\"td-modal-image\"><figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"865\" height=\"660\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-install-type.png\" alt=\"\" class=\"wp-image-14111\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-install-type.png?v=1663863614 865w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-install-type-768x586.png?v=1663863614 768w\" sizes=\"(max-width: 865px) 100vw, 865px\" \/><\/figure><\/a><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Type <strong>AGREE<\/strong> to agree to the Elastic license.<\/li>\n\n\n\n<li>If you have less than 12 GB of RAM, you will be prompted whether you want to run Security Onion 
anyway. If you have at least 4GB, proceed.<\/li>\n\n\n\n<li>Set the hostname (not FQDN) of your Security Onion.<\/li>\n\n\n\n<li>Enter a short description of the node.<\/li>\n\n\n\n<li>Select the management Network interface card.<\/li>\n\n\n\n<li>Set static IP address assignment for the management interface;\n<ul class=\"wp-block-list\">\n<li>define static IP address<\/li>\n\n\n\n<li>define the interface gateway<\/li>\n\n\n\n<li>DNS server IP addresses.<\/li>\n\n\n\n<li>DNS search domain<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Select <strong>OK<\/strong> to initialize the setting.<\/li>\n\n\n\n<li>When prompted on how the manager should be installed, select <strong>Standard<\/strong> (to have internet access).<\/li>\n\n\n\n<li>Security Onion will now restart the Docker service. All Security Onion components are deployed as Docker containers.<\/li>\n\n\n\n<li>Choose how you would like to connect to the Internet, either via proxy or direct.<\/li>\n\n\n\n<li>Add NICs to the monitor interface, to use for traffic sniffing.<\/li>\n\n\n\n<li>Choose OS Patch schedule as manual.<\/li>\n\n\n\n<li>Define a list of your home\/internal networks.<\/li>\n\n\n\n<li>Choose the type of manager to install, Basic or Advanced. We choose Basic to get us started.<\/li>\n\n\n\n<li>Choose which tool between Zeek and Suricata to use to generate network traffic metadata. We use Zeek in this setup. This option will set Suricata for NIDS.<\/li>\n\n\n\n<li>Choose IDS ruleset to use. We use Emerging Threats Open (ETOPEN).<\/li>\n\n\n\n<li>Choose which other services to enable. 
If you have enough RAM, enable all of them if you need them;<\/li>\n<\/ul>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-services-to-enable.png\" class=\"td-modal-image\"><figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"910\" height=\"693\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-services-to-enable.png\" alt=\"\" class=\"wp-image-14112\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-services-to-enable.png?v=1663863754 910w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-services-to-enable-768x585.png?v=1663863754 768w\" sizes=\"(max-width: 910px) 100vw, 910px\" \/><\/figure><\/a><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Keep the Docker IP ranges.<\/li>\n\n\n\n<li>Enter the Admin email address to create an account for the web interface. The same account will be used for ELK.<\/li>\n\n\n\n<li>Set the password for the admin web UI account.<\/li>\n\n\n\n<li>Choose how to access the instance, via a hostname or IP. If you use a hostname, ensure it is resolvable.<\/li>\n\n\n\n<li>Set a password for the soremote user for adding sensors remotely.<\/li>\n\n\n\n<li>Choose the type of NSM setup. We go with basic to set up the NSM with the recommended settings.<\/li>\n\n\n\n<li>Define the number of Zeek and Suricata processes. We go with 1 for each.<\/li>\n\n\n\n<li>Choose whether to configure an NTP server and proceed appropriately.<\/li>\n\n\n\n<li>Select the type of search node config to use. 
We use NODEBASIC.<\/li>\n\n\n\n<li>Allow so-allow to allow other machines to access Security Onion web interface.<\/li>\n\n\n\n<li>Define the network range to allow to access your Security Onion instance.<\/li>\n\n\n\n<li>And finally, setup summary;<\/li>\n<\/ul>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-setup-summary.png\" class=\"td-modal-image\"><figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"885\" height=\"693\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-setup-summary.png\" alt=\"\" class=\"wp-image-14113\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-setup-summary.png?v=1663863862 885w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-setup-summary-768x601.png?v=1663863862 768w\" sizes=\"(max-width: 885px) 100vw, 885px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>Select Yes and press ENTER to proceed with the setup.<\/p>\n\n\n\n<p>Once the setup is complete, reboot the node;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"910\" height=\"702\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-setup-complete.png\" alt=\"\" class=\"wp-image-14124\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-setup-complete.png?v=1664186511 910w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-setup-complete-768x592.png?v=1664186511 768w\" sizes=\"(max-width: 910px) 100vw, 910px\" \/><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">Access Security Onion Web UI<\/h3>\n\n\n\n<p>You can navigate to the browser and access your security onion instance either via a domain or IP depending on how you set it up.<\/p>\n\n\n\n<div><a 
href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-UI.png\" class=\"td-modal-image\"><figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1869\" height=\"947\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-UI.png\" alt=\"\" class=\"wp-image-14126\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-UI.png?v=1664187794 1869w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-UI-768x389.png?v=1664187794 768w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-UI-1536x778.png?v=1664187794 1536w\" sizes=\"(max-width: 1869px) 100vw, 1869px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>Security Onion Dashboard.<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-dashboard.png\" class=\"td-modal-image\"><figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1891\" height=\"948\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-dashboard.png\" alt=\"\" class=\"wp-image-14127\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-dashboard.png?v=1664187820 1891w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-dashboard-768x385.png?v=1664187820 768w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/securityonion-dashboard-1536x770.png?v=1664187820 1536w\" sizes=\"(max-width: 1891px) 100vw, 1891px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>You can go through all the tools on the left pane menu;<\/p>\n\n\n\n<p>Sample Security Onion ELK;<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1900\" height=\"883\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-elk.png\" alt=\"\" class=\"wp-image-14128\" title=\"\" 
srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-elk.png?v=1664187872 1900w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-elk-768x357.png?v=1664187872 768w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/09\/security-onion-elk-1536x714.png?v=1664187872 1536w\" sizes=\"(max-width: 1900px) 100vw, 1900px\" \/><\/figure>\n\n\n\n<p>And that is how you can install Security Onion on VirtualBox. Stay tuned for more tutorials.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Further Reading<\/h3>\n\n\n\n<p><a href=\"https:\/\/docs.securityonion.net\/en\/2.3\/\" target=\"_blank\" rel=\"noreferrer noopener\">Security Onion Documentation<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Other Tutorials<\/h3>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/visualize-clamav-scan-logs-on-elk-stack-kibana\/\" target=\"_blank\" rel=\"noreferrer noopener\">Visualize ClamAV Scan Logs on ELK Stack Kibana<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/monitor-changes-to-critical-files-on-windows-systems-using-wazuh-and-elk\/\" target=\"_blank\" rel=\"noreferrer noopener\">Monitor Changes to Critical Files on Windows Systems using Wazuh and ELK<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/integrate-osquery-manager-with-elk-stack\/\" target=\"_blank\" rel=\"noreferrer noopener\">Integrate Osquery Manager with ELK Stack<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this tutorial, you will learn how to install and setup Security Onion on VirtualBox. 
According to Security Onion page, &#8220;Security Onion is a free<\/p>\n","protected":false},"author":3,"featured_media":14130,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[34,121,72,46,36],"tags":[5840,5843,5844,5841,5842],"class_list":["post-14084","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-howtos","category-monitoring","category-virtualbox","category-virtualization","tag-install-and-setup-security-onion-on-virtualbox","tag-install-security-onion-on-virtual-box","tag-security-onion-lab-setup-with-virtualbox","tag-security-onion-virtualbox","tag-virtualbox-security-onion","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/14084"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=14084"}],"version-history":[{"count":13,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/14084\/revisions"}],"predecessor-version":[{"id":20617,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/14084\/revisions\/20617"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media\/14130"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=14084"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=14084"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=14084"}],"curies":[{"name":"wp","href":"https:
\/\/api.w.org\/{rel}","templated":true}]}}