What is Elsa Security?

Providing security services with professionalism and efficiency. Elsa Security operates industry best-practice systems and procedures. We have attained IS999:2004 certification and we are PSA Licensed. All staff receive both internal and external training and are PSA Licensed.

What is Sphinx Elsa?

ELSA stands for Enterprise Log Search and Archive. It’s a really powerful syslog framework built on Syslog-NG, MySQL, and Sphinx full-text search. It’s one of the main tools that I’m relying on when using Security Onion.

How do you use ELSA in Security Onion?

What is Enterprise Log Search and Archive?

Enterprise Log Search and Archive (ELSA) is a three-tier log receiver, archiver, indexer, and web frontend for incoming syslog. It leverages syslog-ng’s pattern-db parser for efficient log normalization and Sphinx full-text indexing for log searching.

What does security onion do?

Security Onion is a free and open-source Linux distro designed for security monitoring, intrusion detection, and log management. Its core components are Elasticsearch, which is used to ingest and index logs; Logstash, which is used to parse and format logs; and Kibana, which is used to visualize the ingested log data.

What is Snorby used for?

Snorby is a web GUI for managing your Snort system. The Snort daemon created in the last section will write all alerts to a Unified2 file, and Barnyard2 will process those alerts into a MySQL database. Snorby will let you browse, search, and profile those alerts from the database in an easy-to-view way.

What operating system is Security Onion?

Linux. Security Onion is a Linux distro that is based on Ubuntu and contains a wide spectrum of security tools. It is so named because these tools are built as layers to provide defensive technologies in the form of a variety of analytical tools.