This is an automated archive.
The original was posted on /r/cybersecurity by /u/based_cooker on 2023-09-23 11:55:42+00:00.
I have been told by r/cybersecurity to post at r/cybersecurity_help. Now r/cybersecurity_help tells me to post here. Please, I’m just looking for help and serious feedback. This is for my place of work and I have been given this task. I am going through a SecurityOnion 2.4.10 deployment and having a hard time figuring out how to set up the forward nodes and install Elastic Agent to monitor servers for my enterprise (DNS, DHCP, DC). There are no current videos for SecurityOnion 2.4 and most videos are 3 years old. Even the SecurityOnion YouTube channel has no great information other than the basic install for Standalone, and parsing through the Git discussion is rather… lacking. Is anyone using SecurityOnion in an enterprise environment? If so, how do you set up forwarding nodes and install Elastic Agent through the SecurityOnion console > Administration > Configuration? Any help would be great because I am hitting my head against a wall after trying to follow through the docs.