From the course: Security Onion
Other helpful commands and tips
- [Instructor] All right, so there are a handful of commands and configuration files that I've grown accustomed to while managing a Security Onion deployment that may be useful to you, so I'll touch on them really quick. The first is sguil-db-purge. If you're having trouble getting Sguil to load for you, there may be an issue with the database. The issues may be caused by too many uncategorized alerts in Sguil, too much data, corrupt database tables, et cetera. Now, running this command will clean up old Sguil alerts, remove uncategorized alerts until it meets your set threshold, and will fix issues with your database. It also restarts the Sguil service. It's something to try if you're having issues getting IDS alerts to load. The next two, so-elastic-configure-kibana-dashboards and so-elastic-configure-kibana, are two that I've had to use recently. Now, I've noticed that sometimes on fresh installs of Security Onion, when I go into Kibana, there will be an error regarding a missing…