Category: Security Onion Manager Node
Shell scripts for Security Onion manager node
For some reason a rebooted Security Onion manager node is perceived as a combined manager-search node (this is my hypothesis), filling up the /nsm filesystem with unnecessary, large amounts of data. Here are four shell scripts I find useful.
Security Onion 2.4.40 and so-elastalert running on the manager
We upgraded our Security Onion nodes today. We really had no choice. I was surprised to see the so-elastalert container normally running on the manager being unable to start. I happened to glance at the release notes, and tried the commands suggested there. Suffice it to say, I got nowhere.