Replies: 1 comment
That reddit post is from several years ago and much has changed since then.
The dashboard that you're seeing is part of a legacy dashboard set from an older version of Security Onion that is only left in place for folks that might be upgrading from older versions. You should be able to look at how that legacy dashboard is built and then build a new dashboard that will work with current data.
Version
2.4.60
Installation Method
Security Onion ISO image
Description
Networking Dashboards
Installation Type
Standalone - Airgap
Location
on-prem
Hardware Specs
Exceeds minimum requirements
CPU
32 Cores
RAM
64G
Storage for /
480G
Storage for /nsm
42T
Network Traffic Collection
span port
Network Traffic Speeds
Up to 10Gbps
Status
All services on all nodes are running OK
Salt Status
There are no failures
Logs
No, there are no additional clues
Detail
While this is primarily a security tool, my networking team is trying to identify ways to use it for their tasks as well. One is during peak bandwidth usage instances, to identify who the culprits are, say the top ten offenders and things such as that.
https://www.reddit.com/r/securityonion/comments/cjyp26/monitoring_user_network_traffic_im_new_to_this/evjtsfc/
Doug B a few years ago said "In Kibana, go to Connections and then go to the Top Total Bytes dashboard." This still exists, though it seems all the variables for this dashboard are broken. Is this the case for everyone, and if so, is there an easier way to find this data - or an easy dashboard someone can tell me how to create? Any help is appreciated, new to SO/ELK