Can we use security onion to monitor an email server?

[ipalakchopra]

I want to test if security onion can be used to set up a security operations center in a university. A main requirement there is the need to monitor emails in the university domain. Can security onion do that?

[TotieBash]

please expand your question. What data are you exactly looking for? example are you looking on tracking metadata flows of the 5tuple of who is going in/out of your mail server? or do you just want to ingest email debug logs into elastic stack? What mail server?

[Acewiza]

You guys ask alot of questions! :-) I think the answer is no. Based on the known facts #1 being a non-existent SOC, it's gotta be way beyond the scope of anything anyone ever dreamed about here, right?

SO is a tool used by experienced SOC operators, not he epicenter of some university pipe dream.