Security Onion Over Cloud

[Buddy]

Hi.
Any Guide For Start A Siem With Security Onion Over Cloud That Collect Logs From Other Vms And Local Networks ?

[Wes Lambert]

Hi Buddy,

We don't publish a guide for this, other than the following steps found here (which is not technically supported, but done at your own risk):

https://github.com/Security-Onion-Solutions/security-onion/wiki/CloudClient

Thanks,

Wes

On Tue, May 15, 2018 at 8:54 AM, Buddy <mohammad.m...@gmail.com> wrote:

Hi.
Any Guide For Start A Siem With Security Onion Over Cloud That Collect Logs From Other Vms And Local Networks ?

--
Follow Security Onion on Twitter!
https://twitter.com/securityonion
---
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onion+unsubscribe@googlegroups.com.
To post to this group, send email to security-onion@googlegroups.com.
Visit this group at https://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/d/optout.

--

https://twitter.com/therealwlambert

https://securityonion.net/

[Wes Lambert]

While we do not provide a guide on this, I have done this before and it is fairly simple to set up.  You will want to use something like OpenVPN for the connectivity between the two boxes.

Thanks,

Wes

On Mon, May 21, 2018 at 6:23 AM, buddy <mohammad.m...@gmail.com> wrote:

On Wednesday, 16 May 2018 15:55:02 UTC+4:30, Wes  wrote:
> Hi Buddy,
>
>
> We don't publish a guide for this, other than the following steps found here (which is not technically supported, but done at your own risk):
>
>
> https://github.com/Security-Onion-Solutions/security-onion/wiki/CloudClient
>
>
>
> Thanks,
> Wes
>
>
>
>
>
>
> On Tue, May 15, 2018 at 8:54 AM, Buddy <mohammad.m...@gmail.com> wrote:
> Hi.
>
> Any Guide For Start A Siem With Security Onion Over Cloud That Collect Logs From Other Vms And Local Networks ?
>
>
>
> --
>
> Follow Security Onion on Twitter!
>
> https://twitter.com/securityonion
>
> ---
>
> You received this message because you are subscribed to the Google Groups "security-onion" group.
>

> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
>
> To post to this group, send email to securit...@googlegroups.com.

>
> Visit this group at https://groups.google.com/group/security-onion.
>
> For more options, visit https://groups.google.com/d/optout.
>
>
>
>
>
> --
>
>
> https://twitter.com/therealwlambert
>
> https://securityonion.net/

Dear Wes
Thank you For Reply .
i saw it before posting but i want start my seim server over cloud. i want sensors in my local network and in my another datacenters and i wanna to proceed that traffics in my cloud server(master security onion server)
any idea?

Best Regards

--
Follow Security Onion on Twitter!
https://twitter.com/securityonion
---
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onion+unsubscribe@googlegroups.com.
To post to this group, send email to security-onion@googlegroups.com.
Visit this group at https://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/d/optout.

[Josh Silvestro]

On Tuesday, May 15, 2018 at 8:59:06 AM UTC-4, Buddy wrote:
> Hi.
> Any Guide For Start A Siem With Security Onion Over Cloud That Collect Logs From Other Vms And Local Networks ?

Sooo what's worked for me was using two firewalls that support VPN tunnels between them. Then setting everything up as "if" they were in the same network. It's worked great.