Comparison between SO2.3 and SO16.04

[tientmse62290]

Dear Mates,

I'm very new to SO. Now I'm taking over SOv16 from the previous Security guy and want to upgrade to the latest version.
But for now, SO16 is very stable and close to me for operating. I want to know what modules in SO2 have the same function as SO16.
For example:
I use sguil to view the report, the summary, the Netflow, and the suspicious events of the network. Have the hotkey function with the script in the backend for incident response.
We will not mention core modules like ElasticStask, Zeek, Suricata,...just focus on what we will face to monitor and respond to network problems.

Thanks & Regards

[dougburks]

From https://docs.securityonion.net/en/2.3/alerts.html:

Security Onion Console (SOC) gives you access to our new Alerts interface. This interface gives you an overview of the alerts that Security Onion is generating and allows you to quickly drill down into details, pivot to Hunt or PCAP, and escalate alerts to TheHive.

You may also want to watch the Security Onion Essentials video series:
https://securityonionsolutions.com/training/