Security Onion SIEM Integrations #13018

Closed Locked Answered by dougburks

mccroryc asked this question in Unsupported Versions

mccroryc
May 15, 2024

I am just getting started with Security Onion and have been tasked with setting the product up as our SIEM. Would anyone know if there is a list of compatible products that have documentation for data integration. Specifically I would like to integrate Microsoft Defender, Cisco FTD, PF Sense, Tenable network monitor

thank you for your help
Kind regards,
Chris

Answered by dougburks

For pfSense, please see:
https://docs.securityonion.net/en/2.4/pfsense.html

For Microsoft Defender, Cisco FTD, and Tenable, please see:
https://docs.securityonion.net/en/2.4/elastic-fleet.html#integrations

View full answer

Replies: 1 comment

dougburks
May 16, 2024
Maintainer

For pfSense, please see:
https://docs.securityonion.net/en/2.4/pfsense.html

For Microsoft Defender, Cisco FTD, and Tenable, please see:
https://docs.securityonion.net/en/2.4/elastic-fleet.html#integrations

0 replies

Answer selected by dougburks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment