Security Onion includes the Elastic Stack:

In addition, we've added the following:

Each of the components above has its own Docker image. You can get an idea of what this whole integration looks like at a high level by viewing our architecture diagram.
.. toctree::
   :maxdepth: 2

   elasticsearch
   logstash
   kibana
   elastalert
   curator
   freqserver
   domainstats
   docker
   redis
   data-fields
   alert-data-fields
   zeek-fields
   elastalert-fields
   re-indexing
   elastic-features
   elastic-auth