BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.

This project aims to enhance intrusion detection using Security Onion by integrating machine learning models for improved alert prioritization.

Collection of PatternDB files to parse Ubiquiti Unifi events into Security Onion's Syslog-NG and ELSA

Security Onion Packet Capture Download scripts

A Security Onion deployment project for intrusion detection and log analysis. Includes standalone, pfSense, internal, and cloud scenarios with Suricata, Zeek, Wazuh, and ELK stack integration.

Test your IDS with a simple python2.7 SCAPY tool.

Presenting a guide and systematic methodology for implementing securityonion / ELK elastic search stack. Checklists, Samples, Tips, and Tricks

YARA signature | YARA rule for Detecting Voldemort Malware

Standalone Security Onion Setup + Network Simulation using Two Devices

Security Operations Center: pfSense firewall, Security Onion IDS/IPS, Splunk SIEM, Wazuh EDR — multi-layered threat monitoring and incident response

Blocks IP addresses via the Security Onion Console.

Simulated cybersecurity homelab using a 7-VM setup including a defense and an attack box

Self-hosted NetBird VPN with Security Onion SIEM integration. Zero-trust mesh networking for secure cloud-local connectivity. 14.7M+ events monitored.