My favorites | Sign in
Project Home Downloads Wiki Issues Source
Search
for
Help  
Some common troubleshooting steps
Updated Mar 28, 2012 by doug.bu...@gmail.com

Introduction

Having problems? Try the suggestions below.

Details

  • Are you running the latest version of Security Onion? 
    • sudo -i "curl -L http://sourceforge.net/projects/security-onion/files/security-onion-upgrade.sh > ~/security-onion-upgrade.sh && bash ~/security-onion-upgrade.sh"
  • Check the FAQ.
  • Search the mailing list: http://groups.google.com/group/security-onion
  • Search the documentation and mailing lists of the tools contained within Security Onion: Tools
  • Run "sostat" for some diagnostics: 
    • sudo sostat | less
  • If any of the NSM processes show up as failed, try restarting them: 
    • sudo service nsm restart
  • Check log files in /var/log/nsm/ for any errors or possible clues.
  • If this is a sensor sending alerts to master server, is autossh running? 
    • pgrep -lf autossh
  • If you're having problems with Snorby, check the log files in /usr/local/share/snorby/log/ and /var/log/apache2/ and see if its processes are running: 
    • pgrep -lf delayed_job
  • Are you able to duplicate the problem on a fresh Security Onion installation?
  • Check the Issue Tracker to see if this is a known issue that we are working on.
  • If all else fails, please join our mailing list and send a DETAILED email including the output of the commands above. Also consider the following when posing your question/problem to the group: http://www.chiark.greenend.org.uk/~sgtatham/bugs.html
Powered by Google Project Hosting