Security Onion Compatibility with Preexisting nodes & Multiple Master Nodes

14 views
Skip to first unread message

Ryan Mohr

unread,
Oct 29, 2020, 11:56:16 AM10/29/20
to security-onion

Dear Security Onion Team & Community,


We are looking to see if security onion is compatible with our current system or possibly move to a security onion architecture, as such we have a few questions:

Our wazuh cluster utilizes port 1514 to send data from the agents to the master node, is the security onion compatible for this type of system or can another port be utilized. In short can security onion connect to a preexisting wazuh cluster? Could the wazuh worker nodes send data to the security onion master node?


Additionally, could the security onion architecture allow for two master nodes? In case of a failure scenario we would like redundancy on our systems.


Similarly, are we able to send logs, such as system logs, from the master node to a different server?


Best,

Ryan

Doug Burks

unread,
Oct 29, 2020, 12:01:10 PM10/29/20
to securit...@googlegroups.com
Hi Ryan,

It looks like you've also posted this over at https://github.com/Security-Onion-Solutions/securityonion/discussions/1730

Assuming you're asking about the new Security Onion 2, then that is the correct place to discuss.

Thanks!

--
Follow Security Onion on Twitter!
https://twitter.com/securityonion
---
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/security-onion/778911ab-6aed-4e5e-8c4a-305cdee20257o%40googlegroups.com.


--
Doug Burks
Founder and CEO
Security Onion Solutions, LLC
Reply all
Reply to author
Forward
0 new messages